[VPN] Recommendations

Paul R. Yaskowski paul at yaskowski.com
Sat Apr 10 19:15:40 EDT 2004


PPPoE for authentication to Verizon, the DSL provider.

Paul

-----Original Message-----
From: vpn-bounces+paul=yaskowski.com at lists.shmoo.com
[mailto:vpn-bounces+paul=yaskowski.com at lists.shmoo.com] On Behalf Of
Siddhartha Jain
Sent: Saturday, April 10, 2004 3:12 AM
To: vpn at lists.shmoo.com
Subject: RE: [VPN] Recommendations

Umm, so you are using PPPoE only for authentication?
You can do that in IPSec with pre-shared keys. 

 --- "Paul R. Yaskowski" <paul at yaskowski.com> wrote: >
The PPPoE is for authenticating the DSL.
> 
> I've considered SmoothWall, but I don't plan on
> being here too long, and I'd
> hate to leave them with something no one else knows
> about. If you need Cisco
> help, you can get Cisco help.
> 
> A $90K AS/400 and a $400/month leased line between
> offices less than a half
> mile apart that should be merged. They're about
> broke now.
> 
> Paul
> 
> -----Original Message-----
> From: Siddhartha Jain
> [mailto:losttoy2000 at yahoo.co.uk] 
> Sent: Friday, April 09, 2004 3:23 AM
> To: Paul R. Yaskowski; vpn at lists.shmoo.com
> Subject: Re: [VPN] Recommendations
> 
> > I've looked at the PIX-501, but I've always been a
> > little scared of per-user
> > licensing. If I purchased a 10-user PIX-501, and
> set
> > it behind the SDSL at
> > the main office, it would only allow 10 users to
> get
> > Internet access?
> 
> Yes, it will only allow 10 IP addresses to pass out
> to
> the internet. Maybe, you could setup a web proxy (if
> its only web access that your users want) and then
> NAT
> it to go out. That way you can do with a 10-user
> license.
> 
> > 
> > No matter what product I choose, would a
> > site-to-site VPN work with a static
> > address on one side and a dynamic on the other?
> 
> Yes, you can do this. Look at:
>
http://cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_exa
> mple09186a0080094680.shtml
> 
> > 
> > Would any PIX handle PPPoE with a dynamically
> > assigned IP?
> 
> Why do you want to do PPPoE? Do IPSec.
> 
> > The company is cost-conscious, and I've looked at
> > the PIX-506E, without the
> > per-user licensing, but it is 50% more.
> 
> Your management bought an AS/400 but can't afford a
> PIX 506E?? :)
> 
> > 
> > Any comments or suggestions as to which products I
> > should look at would be a
> > great boon to me. I prefer Cisco products, because
> I
> > am familiar with their
> > interface, but am flexible.
> > 
> 
> Look at Sonicwall and NetScreen. Both pack in more
> features that Cisco PIX, both have pretty good web
> GUIs and simpler configuration.
> 
> A tip on PIX: If you plan on using its Web GUI, then
> configure it from scratch using the GUI. If you
> configure it from CLI during installation and later
> try to switch to the GUI, you may run into trouble.
> 
> HTH,
> 
> Siddhartha
> 
> 
> 
> 	
> 	
> 		
>
____________________________________________________________
> Yahoo! Messenger - Communicate instantly..."Ping" 
> your friends today! Download Messenger Now 
> http://uk.messenger.yahoo.com/download/index.html
> 
> _______________________________________________
> VPN mailing list
> VPN at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/vpn 


	
	
		
____________________________________________________________
Yahoo! Messenger - Communicate instantly..."Ping" 
your friends today! Download Messenger Now 
http://uk.messenger.yahoo.com/download/index.html
_______________________________________________
VPN mailing list
VPN at lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn




More information about the VPN mailing list