[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT]: Recommondations on hardware firewall / vpn device

Marcel Weber wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi

I need some advice for this decision:

We are about to replace our existing watchguard firebox II. There has
been a decision for a hardware device which I cannot alter. But with
all the VPN interop problems we had with the watchguard products I
am favoring some other product.

The minimum requirements are as follows:

- - >70 LAN users.
- - >50 road warriors.
- - standard IPsec VPN. Interopable with Linux (Debian Woody), Windows 2000, Mac, etc. 
- - DMZ
- - Easy to configure (this is not my wish...)
- - minimum firewalled throughput >100MBit/s

Other nice things that were cool:

- - Authentication against NT Domain / Active Directory

I already took a look at the 3com Superstack III Firewall, which seems
quite decent to me. But I did not find anything about VPN interop with
Linux / Macs.
Look at the frees/wan site and their interop stuff. If it interoperates with frees/wan, it (should) do all the above... 

http://www.freeswan.org/freeswan_trees/freeswan-1.97/doc/interop.html
(you might replace that 1.97 with the version of freeswan you have installed. woody is 1.96, which has the same docs as 1.97. Dont' ask) 

-g


--
Glen Mehn	glen@burningman.com
"if you ever swallow the universe, remember to spit the dragon
	back out.xx.		--swan
Reply to: