VPN Woes

  • We've used the Cisco PIX 501 and it's been pretty reliable.  We used a networking company to come set it all up since we're not networking experts.

  • We contract with a third party service (Aubeta Networks) to manage the gory details of handling the actual tunneling and the router configs.  I use an Efficient Networks router that Aubeta programs remotely and a business class DSL line is the actual connection.  Aubeta also helps with the server configuration on the corporate side so everything is secure and connects correctly.

    My connection is remarkably stable to the main office 2000 miles away.

  • I agree with Brett...the PIX is a very viable solution and very inexpensive for a low, one-time cost.  There are some other options as well.  For example, ClearPathNetworks provides a very affordable solution (SNAPVPN) for branch offices that runs $300-400 per office one time, or you can have a SOHO user running a VPN client for a low monthly cost ($15-20/month).

    Steve Thompson

  • I have been using SonicWall TZ-170 router/gateways between my home office and my Internet website servers at my hosting provider. The two TZ-170s do a box-to-box VPN by themselves without the need for any software installed on the clients or the servers. I use the connection over a cable modem and it is extremely stable. I haven't touched it in a couple of years, actually.

    TZ-170s are a slight bit more industrial strength than your average consumer router, but not much more expensive, and not much more complicated to set up.

    There is also a VPN client application you can get from SonicWall to connect to the same VPN from an arbitrary machine on the Internet. I have used that, too, and it is very stable.

    Chiefley

  • We use the TZ-170s as well.  They have been relatively stable, and the client allows us to create multiple configurations if the client ISP has specific requirements.  We have had a few issues with hotel connections, but those have been pretty few.

  • Cisco SOHO 97 ADSL Router

    (SKU: CISCOSOHO97K9)

    Price Range: $279.00 - $345.00 from 5 Sellers

    Description: Recommended for up to five users, the Cisco SOHO 97 ADSL Broadband Router allows all users in a small office to share a secure broadband connection with an integrated stateful inspection firewall. Corporate teleworkers or small-office users can also take advantage of the Cisco SOHO 97 router for VPN connections to the corporate network. The routers can set up secure Triple Data Encryption Standard (3DES) encrypted connections using Cisco IOS Software or users can initiate VPN tunnels from PC-based VPN clients on the LAN.

    The Cisco SOHO 97 router includes the Cisco Router Web Set up tool (CRWS), a Web-based configuration tool that allows users to quickly self-install the router. Because CRWS is Web-based, no additional software is required on the PC for configuration. Users simply point a browser to the router and follow a few easy steps to quickly get the router up and running. Additionally, the Cisco Configuration Express service allows enterprise or service provider customers who order products direct from Cisco to have preconfigured SOHO 90 Series routers shipped from the manufacturer directly to the end-users.

    To simplify management and reduce ongoing operational costs, the Cisco SOHO 97 router also takes advantage of many debug and troubleshooting features in Cisco IOS Software. To further reduce operational costs, the routers support centralized management and configuration updates with the Cisco IE 2100 Intelligent Engine management appliance.

    The Cisco SOHO 97 router provides the right combination of integrated security features, a four-port 10/100 Ethernet LAN switch, advanced management features to secure broadband connections for small office and home office users. The Cisco SOHO 97 router uses the same Cisco IOS Software that is used in large service provider and enterprise networks, allowing small-office users to take advantage of the proven reliability of Cisco IOS Software.

  • I have been using Hamachi for some time and I think it is very, very easy to use and almost config-less. They are not Open Source but they have a complete free version and the pay version is very cheap.

    http://www.hamachi.cc

  • Another vote for OpenVPN.  We went this way after our SonicWall died.  We did play around with some cheap firewall/router devices but they were a pain for the various reasons cited in other emails.

    OpenVPN's been reliable, flexible, and easy to use for our small company.

    Bryce

  • M0n0wall is a very good open source firewall/VPN solution. It is based on FreeBSD and has an easy to use web interface. It will run on embedded x86 boxes such as WRAP and Soekris, or it can install on a standard PC. It supports IPSec (fixed tunnels and mobile clients) and PPTP.

    Check out M0n0wall here:

    http://www.m0n0.ch/wall/

    A couple of embedded solutions:

    http://www.pcengines.ch/wrap.htm

    http://www.soekris.com

    Hope this helps,

    Pete

  • I've been using SonicWall devices since they were released in the late 90s. They have performed well for the money, but their software VPN client has always been a bit problematic, especially when trying to support laptop users. For fixed locations where you can go hardware to hardware they have been extremely reliable. There are a lot of used models always on eBay that make it even cheaper.

    Stay away from their SSLVPN product released earlier this year. It is limited in functionality and performance. I tested it for several weeks and sent it back. During that time, they had 3 firmware updates that fixed some things and broke others. While I think they will 'get it right' eventually, it's not there yet.

  • I recommend Watchguard. They have a slew of high-end all the way down to the low-end devices, some that specialize in only VPN connections, others that are more general firewall devices with VPN functionality built in. They also come with software for arbitrary clients.

    I also am very familiar with Sonicwall, and although I haven't used the TZ170's mentioned earlier, I have used their enterprise VPN products and they are very good. Actually, there was a company a while back named Enkoo who made a specific VPN system, which Sonicwall bought. You might want to check that out!

  • I would also recommend Fortinet (somebody already mentioned it here).

    We used the lower series (60 and 50) to connect 7 sites; it is easy to set up and maintain. Also the VPN client is cheap ($25/each or so) and works well. The WAN interfaces can be set up redundant with a dial-up modem, which kicks in as soon as the high-speed connection is down for a certain number of consecutive lost pings. This was important to us because our retail locations process debit/credit transactions over the Internet. So far it works great.

  • Small businesses and home users alike should get on board the fun train and check out smoothwall.

    You can use that old outdated low-specced "you never know what you might use it for" box that has been sitting around doing nothing for a couple of years.

    Whack a couple of network cards in it (3 if you want to implement a DMZ as well) and you are away... works a treat, is inexpensive and is very very easy to use.

    Also has a free version that you can use at home.

    http://www.smoothwall.net/

    We use it as a firewall, port mapper and VPN hub and it has given us no grief at all.

    Check it out!

    daimo

  • One solution that we have been investigating is the SonicWALL SSL VPN 200 - VPN gateway.

    http://www.sonicwall.com/products/ssl-vpn200.html

    Has anyone had a chance to try this?

  • I've been using the built-in Routing and Remote Access (which can be configured for PPTP or L2TP). As long as you follow the wizards, you can't really break things too badly. If you have NAT, things get more tricky, so it's best to try and make sure the machines have real IP addresses.
