![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
rmdI've got an office full of people who like to work from home by VPNing in to the network, here. So, the cisco 3000 vpn concentrator is a nice enough box. Well, except for the fact that it's busted and old enough that the product line is end-of-life.
What are folks using? What's good out there, these days? I'd like a whole lot more flexibility in terms of configuration, and also the ability to do things like https tunnels instead of being limited to vpn client software on the user's machine.
thanks!
What are folks using? What's good out there, these days? I'd like a whole lot more flexibility in terms of configuration, and also the ability to do things like https tunnels instead of being limited to vpn client software on the user's machine.
thanks!
no subject
Date: 2009-07-01 08:47 pm (UTC)Someone made the decision to replace the busted one with one of the ASA 5500 series (sadly, I don't know which one). Dropped into the same (admittedly rather crazy) network environment with the same tunnel configs, we had no end of trouble with it- tunnels would drop randomly, packets would simply stop leaving the internal network space through any logical interface on the box- bizarre random network shit, basically. We still hadn't figured out that "packets can't leave the 10. address space" thing when I was laid off, but now that I look at the spec sheet and see that it's supposed to do fancy intrusion-detection stuff, I bet the ID stuff was interacting badly with the crazy-ass network layout. (I was not the vpn nerd in that shop and I didn't know what the box could do, so I hadn't put that theory together until now).
no subject
Date: 2009-07-01 10:27 pm (UTC)