[VoiceOps] IPSec VPN server

Joseph Jackson jjackson at aninetworks.net
Mon Jan 21 13:33:52 EST 2013


We too like the cisco ASA platforms for this function.  Unfortunately some orgs like Sprint require VPN parameters that the ASA does not support.  Just ran into this issue and had to deploy a 1700 router just for their tunnel configuration.  Sprint drives me nuts.


Joseph


-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Hiers, David
Sent: Monday, January 21, 2013 12:30 PM
To: Paul Timmins; Eric Wieling
Cc: voiceops at voiceops.org
Subject: Re: [VoiceOps] IPSec VPN server

We like Cisco ASAs for this role.



David


-----Original Message-----
From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Paul Timmins
Sent: Sunday, January 20, 2013 19:53
To: Eric Wieling
Cc: voiceops at voiceops.org
Subject: Re: [VoiceOps] IPSec VPN server

Cisco router with redundant power supply. Running recent versions of IOS.


On Jan 20, 2013, at 22:48 , Eric Wieling <EWieling at nyigc.com> wrote:

> We are looking for something which crashes LESS than once per year.   "had a few stability problems" doesn't give me a warm fuzzy feeling about the product.    Configuration management is nice, but how important is it for a device which is never modified and has only one tunnel?
> 
> -----Original Message-----
> From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Nathan Anderson
> Sent: Sunday, January 20, 2013 4:10 PM
> To: 'Faisal at snappydsl.net'; 'voiceops at voiceops.org'
> Subject: Re: [VoiceOps] IPSec VPN server
> 
> +1 for MikroTik RouterOS.  It has admittedly had a few stability issues in past versions, but is getting better all the time.  The feature set you get for the price is insane, and device configuration and management is fantastic.
> 
> Out of curiosity, what are you currently using, and what is your budget like for its replacement?
> 
> MikroTik makes the RB1100AHx2 for $500, which is a dual-core PowerPC product with encryption/IPsec acceleration built-into the CPU; they claim you can forward 800+Mbit/s of IPsec traffic through the thing.  (I haven't verified this.)  They also just recently came out with a series of products based on Tilera's TILE-Gx multicore CPUs, with models in the $650-1000 range.  For something a little cheaper, I can highly recommend the RB450G; the board itself is $100, and you can find places that will sell you a completely assembled kit with case + power supply for ~$130.  No HW crypto, but I've heard of people doing ~20Mbit/s of IPsec through it.
> 
> --
> Nathan Anderson
> First Step Internet, LLC
> nathana at fsr.com
> 
> -----Original Message-----
> From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Faisal Imtiaz
> Sent: Sunday, January 20, 2013 10:49 AM
> To: voiceops at voiceops.org
> Subject: Re: [VoiceOps] IPSec VPN server
> 
> How about a Mikrotik Router ... ?
> 
> Faisal Imtiaz
> Snappy Internet & Telecom
> 
> On 1/20/2013 1:05 PM, Eric Wieling wrote:
>> We currently have SIP service with VZB, they require signaling go over an IPSec VPN tunnel.   Our current VPN box (which is somewhat old) crashes about once per year and we would like to replace it with something which is more reliable.
>> 
>> Can anyone recommend rock solid boxes which can handle 10Mbps of IPSec traffic?  Our current usage is about 1/2 of that, but I want room to grow.
>> 
>> 
>> 
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
>> 
> 
> 
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
> 
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops


_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops


This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system.

_______________________________________________
VoiceOps mailing list
VoiceOps at voiceops.org
https://puck.nether.net/mailman/listinfo/voiceops



More information about the VoiceOps mailing list