[c-nsp] VPN Device

bill fumerola billf at mu.org
Wed Dec 6 17:05:13 EST 2006


On Wed, Dec 06, 2006 at 12:32:16AM -0800, matthew zeier wrote:
> Elmar K. Bins wrote:
> > Nice to see you folks so cisco-centric (alright, it's a
> > cisco specific list), but looking around you will find that
> > what he really needs is a device like the Juniper Netscreen 5GT+,
> > which should come for much less than USD 1000.
> 
> Or you could look at the open source route and look at OpenVPN - openvpn.net.
> 
> I'm pretty much standardizing on that at Mozilla.

this thread is getting off-topic, but i'll add another "me too". while
we wait for everyone to support NAT-T, hotel/airport/etc wireless that
block one or both ESP&AH, and other annoyances in dealing with ipsec;
openvpn just works.

i even bought a netscreen 5GT for endpointing clients and dumped it after
all of the interop difficulties with the mac built-in ipsec/l2tp client.
again, openvpn just worked.

my current mantra is ipsec for site-to-site and openvpn for users.

-- 
- bill fumerola / billf at FreeBSD.org




More information about the cisco-nsp mailing list