[aklug] Re: OT(?): Remote Access VPN

From: David M. Syzdek <david@syzdek.net>
Date: Wed Oct 21 2015 - 18:45:08 AKDT

I've had good luck deploying Ubiquiti's EdgeRouter Lite for a few of my
friends. A few of it's benefits include:

    * $100 per unit
    * Supports L2TP over IPSec (and I believe OpenVPN as well)
    * Off the shelf solution
    * 3x Gig Ports
    * Junos like CLI
    * WebUI for easy access
    * Based on Vyatta software router with ties to VyOS open source
software router.

https://www.ubnt.com/edgemax/edgerouter-lite/

The community is not as large as the community for PFSense, however it does
perform better than most small boards at routing traffic.

Ubiquiti also has 5 port version with POE, however it runs more in the $150
- $200 range on Amazon.

On Tue, Oct 20, 2015 at 11:18 AM, Christopher Howard <
christopher.howard.asi@gmail.com> wrote:

> Hey guys... so I took up a job at a small business which is basically a
> Windows shop (hey, gotta eat...) and I wanted to set up a simple Remote
> Access VPN so the boss could access the network files while abroad. They've
> got a WS2008 running their AD and DHCP on the intranet (but it isn't the
> gateway). So, my first thought was to see if it had built in VPN
> functionality. It does, but I ran into some trouble -- apparently in WS2008
> the remote access VPN functionality is tied into the IP routing
> functionality (which were aren't using). So, when I activated the RRAS,
> there was some strange conflict with DHCP and it instantly disconnected
> everyone's access to the network storage shares! Fortunately, I was able to
> reverse things before causing too much pandemonium, but obviously now I'm a
> bit nervous...
>
> So, now I am trying to figure out if it is worth monkeying around with
> this some more to get it working, or if I should look at some other
> approach. Maybe just put a small Linux box on the network and run a FOSS
> VPN server from it? (I'm imagining complications down the rI'vtionality.
>
> Any sage advice from the seasoned admins?
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
> 

-- 
"I'm religious but not spiritual."
        --Cardinal Francis George, O.M.I.
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed Oct 21 18:45:30 2015

This archive was generated by hypermail 2.1.8 : Wed Oct 21 2015 - 18:45:30 AKDT