Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

New to VPN - looking for hardware/software suggestions

Status
Not open for further replies.

PPettit

IS-IT--Management
Sep 13, 2003
511
US
I've never really used VPN technology before, but it looks like I need to implement it where I work.

I have about 30 users (at home and at various remote offices) that need to connect to three different servers in our main office. Servers are Win2k3. Desktops are WinXP. Main office has cable and DSL connections. Remote offices have DSL and Wireless internet connections. Currently using Xincom DPG-503 dual WAN and Linksys BEFSX41 routers.

I want to minimize any decrease in speed as much as possible. I'm assuming that I would need to get a hardware-based solution as this should take the encryption/decryption load off of the servers and workstations.

My guess is that I need a fairly robust VPN appliance at my main office and some lesser appliances at each of the remote offices. For the home users, they would need to be able to establish a connection via a software client.

Anyone have some recommendations on equipment and/or client software? I'm ok with replacing my current routers if the best solution is to use another brand of router with better VPN capabilities. I'm also fine with just adding a dedicated VPN appliance at each office.
 
Netgear FVS318 Router is a fairly inexpecsive solution and should work for you. With it you have the option to have a static IP or a DYNDNS setting to allow VPN tunneling. They also sell a VPN software to work with the router.
 
None of the Netgear products I've used in the past have ever worked properly. As far as "off the shelf" equipment goes, I've always had much better luck with Linksys products. However, their quality seems to be deteriorating as well.

Thanks for the reply, though.
 
Well the next choice would be Cisco series 800 routers. As for Netgear I use them for remote locations and never have any issues.
 
I would recommend a Cisco ASA 5505 instead of a 800 series router.
 
I definitely second brian's suggestion...30 vpn users into an 800 series---the poor thing's CPU would be so taxed---it would likely burst into flames after a while...

Burt
 
Thanks for the replies.

The ASA 5505 does look interesting.
 
It also appears that you might need to look quite closely at your network architecture...

Do you have load balancing on the cable and DSL at the primary office, or failover? If failover, you might want to consider splitting the VPN traffic and having half (or even more) on your failover circuit.

We have had excellent service from Linksys RVS4000 VPN routers, which give the added benefit of Gb networking (on all ports, including the WAN!).

We tend to use the Microsoft VPN client in conjunction with terminal services.

Main concern should probably be the uplink speeds which hardly ever seem to come close to what the ISP promises - cable or DSL. Sometimes an archaic T1 is just necessary!

Good luck
 
Take a look at the Sonicwall/Aventail E series SSL VPN. They can handle your load, offer great control, and don't need client software on the pc's.
 
Thanks for the additional replies.

A friend of mine suggested looking at Fortinet and F5. Anyone have some experience with (or feedback about) products from these companies?
 
I don't have any experience with Fortinet or F5 firewalls. However if support is important to you I would recommend that you stick to something main stream.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top