[VPN] Recommendations

Hart, Kevin KHart at helixtechnology.com
Fri Apr 9 09:06:41 EDT 2004


>>I've looked at the PIX-501, but I've always been a little scared of
per-user
>>licensing. If I purchased a 10-user PIX-501, and set it behind the SDSL at
>>the main office, it would only allow 10 users to get Internet access?

Yes...10 user license means just that. You'll need to order the PIX 501 with
a 50 user license if you want
more connections. For the main site, I would go with a 506E.

>>No matter what product I choose, would a site-to-site VPN work with a
static
>>address on one side and a dynamic on the other?

Yes, the PIX can do IPSEC LAN to LAN tunnels with dynamic IP at one site.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration
_example09186a0080094680.shtml


>>Would any PIX handle PPPoE with a dynamically assigned IP?

Yes...Pix with PPPOE:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration
_example09186a00801055dd.shtml

Watch for wraps on the URLs

Kevin



-----Original Message-----
From: Paul R. Yaskowski [mailto:paul at yaskowski.com]
Sent: Thursday, April 08, 2004 11:40 PM
To: vpn at lists.shmoo.com
Subject: [VPN] Recommendations


I'm looking to setup a site-to-site VPN the replace a leased line used
solely for AS/400 access. I have a couple questions as to what I should get.

The main office consists of about 25 users with static SDSL. The remote
office is about 5 users with dynamic ADSL.

I've looked at the PIX-501, but I've always been a little scared of per-user
licensing. If I purchased a 10-user PIX-501, and set it behind the SDSL at
the main office, it would only allow 10 users to get Internet access?

No matter what product I choose, would a site-to-site VPN work with a static
address on one side and a dynamic on the other?

Would any PIX handle PPPoE with a dynamically assigned IP?

The company is cost-conscious, and I've looked at the PIX-506E, without the
per-user licensing, but it is 50% more.

Any comments or suggestions as to which products I should look at would be a
great boon to me. I prefer Cisco products, because I am familiar with their
interface, but am flexible.

I would appreciate any help with this, I had Cisco certs back in the
hey-day, but I worked with them so rarely that I let the certs expire.

Paul

_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn



More information about the VPN mailing list