Have you run into the pfsense pptp limitation? That is, only one customer (behind your pfsense NAT router) , can establish a pptp session to the same external pptp server at a time. At least, that's what the pfsense download site lists under known limitations.
Tom S. ----- Original Message ----- From: "Scott Lambert" <lamb...@lambertfam.org> To: "WISPA General List" <wireless@wispa.org> Sent: Monday, April 05, 2010 4:30 PM Subject: Re: [WISPA] Vyatta? > On Fri, Apr 02, 2010 at 10:15:24PM -0400, Tom DeReggi wrote: >> What Vyatta does is pretty cool. And they have also been giving back to >> open >> >> <snip> >> >> But the bad is.... its priced wrong. They are going high end, targeting a >> coporate user that might have one or two routers. >> They make their money on support contracts and their fees are very >> expensive. You pay per router, per processor, per year. And at $600-$900 >> each./yr or something like that. Then there is the free community >> version, > > pfSense was the same way. But, now they have support contracts based on > resonable metrics, like hours, rather than boxes. > > I have had a pfSense box (Pentium III) acting as the corporate firewall > with 5 interfaces for several years. No problems. > > For the past 4 or 5 months, I've had a pfSense box (1 Ghz C7) running > as a NAT box for a network we purchased recently. It has been working > great. I have recently added the OpenOSPFd package and it is working > well talking to StarOS, Mikrotik, Cisco, and Imagestream boxes. The > web GUI means I'm not the only guy who can figure out how to use them. > Carp means I can set them up in redundant pairs. I'll be bringing up > OpenBGPd talking to the upstream soon so that we can get rid of the NAT. > > Both boxes have been loafing with 20 and 10Mbps of traffic respectively. > > My favorite part of pfSense is the fact that I can ssh in and use the > usual BSD commands to do things when I can't get to the web interface > because I am coming from an unusual IP which is not normally allowed > access to the web interface. I can also use tcpdump, mtr, nmap to look > at any possible issues. > > I like the unix command line interfaces. ImageStream and pfSense are > both pretty decent from that perspective. I hate how mikrotik and > staros have gotten in my way. > > StarOS's shell with 6 commands really annoys me. They could at least > have included busybox. Even just including less/more would have been > an improvement. Having grep would make my day. Finding the route any > particular StarOS box has to BFE in the midst of the other 300 routes is > "fun". > > I think mikrotik should have tried to emulate the junos or cisco cli > rather than inventing something new. The hierarchy of the command tree > feels random to me. It probably makes sense to the developers though. > > But, I've been able to make them all work together. They all seem > reaonably reliable. > > I've not used Vyatta. > > -- > Scott Lambert KC5MLE Unix > SysAdmin > lamb...@lambertfam.org > > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > -------------------------------------------------------------------------------- > > WISPA Wireless List: wireless@wispa.org > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- Internal Virus Database is out of date. Checked by AVG - www.avg.com Version: 8.5.435 / Virus Database: 271.1.1/2675 - Release Date: 02/08/10 07:35:00 -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
