[aklug] Re: OT(?): Remote Access VPN

From: Royce Williams <royce@tycho.org>
Date: Mon Oct 26 2015 - 09:27:59 AKDT

Probably few of us have done both. I can say that the pfSense VPN wizard
is simple, yet flexible.

Royce

On Mon, Oct 26, 2015 at 8:45 AM, Christopher Howard <
christopher.howard.asi@gmail.com> wrote:

> Any opinions on Ubiquiti vs. pfSense as far as ease of getting a VPN up
> and running? In our small office situation, the VPN feature is really the
> only thing that would justify the purchase. As mentioned before, the main
> idea is to give the boss (and maybe some co-workers) the ability to access
> the network shares while out traveling.
>
>
> On 10/21/2015 8:07 PM, Royce Williams wrote:
>
>> This looks like a great drop-in solution. Only big diffs that I see
>> vs pfSense is the pfSense plugin framework, and the fact that I can
>> migrate to/from any commodity hardware that I want. But this looks
>> solid. And apparently there was some cross-pollination between the
>> Ubiquiti and pfSense teams back in the early days.
>>
>> Royce
>>
>> On Wed, Oct 21, 2015 at 6:45 PM, David M. Syzdek <david@syzdek.net>
>> wrote:
>>
>>> I've had good luck deploying Ubiquiti's EdgeRouter Lite for a few of my
>>> friends. A few of it's benefits include:
>>>
>>> * $100 per unit
>>> * Supports L2TP over IPSec (and I believe OpenVPN as well)
>>> * Off the shelf solution
>>> * 3x Gig Ports
>>> * Junos like CLI
>>> * WebUI for easy access
>>> * Based on Vyatta software router with ties to VyOS open source
>>> software
>>> router.
>>>
>>> https://www.ubnt.com/edgemax/edgerouter-lite/
>>>
>>> The community is not as large as the community for PFSense, however it
>>> does
>>> perform better than most small boards at routing traffic.
>>>
>>> Ubiquiti also has 5 port version with POE, however it runs more in the
>>> $150
>>> - $200 range on Amazon.
>>>
>>>
>>>
>>>
>>> On Tue, Oct 20, 2015 at 11:18 AM, Christopher Howard
>>> <christopher.howard.asi@gmail.com> wrote:
>>>
>>>> Hey guys... so I took up a job at a small business which is basically a
>>>> Windows shop (hey, gotta eat...) and I wanted to set up a simple Remote
>>>> Access VPN so the boss could access the network files while abroad.
>>>> They've
>>>> got a WS2008 running their AD and DHCP on the intranet (but it isn't the
>>>> gateway). So, my first thought was to see if it had built in VPN
>>>> functionality. It does, but I ran into some trouble -- apparently in
>>>> WS2008
>>>> the remote access VPN functionality is tied into the IP routing
>>>> functionality (which were aren't using). So, when I activated the RRAS,
>>>> there was some strange conflict with DHCP and it instantly disconnected
>>>> everyone's access to the network storage shares! Fortunately, I was
>>>> able to
>>>> reverse things before causing too much pandemonium, but obviously now
>>>> I'm a
>>>> bit nervous...
>>>>
>>>> So, now I am trying to figure out if it is worth monkeying around with
>>>> this some more to get it working, or if I should look at some other
>>>> approach. Maybe just put a small Linux box on the network and run a
>>>> FOSS VPN
>>>> server from it? (I'm imagining complications down the rI'vtionality.
>>>>
>>>> Any sage advice from the seasoned admins?
>>>>
>>>> ---
>>>> This email has been checked for viruses by Avast antivirus software.
>>>> https://www.avast.com/antivirus
>>>>
>>>> ---------
>>>> To unsubscribe, send email to <aklug-request@aklug.org>
>>>> with 'unsubscribe' in the message body.
>>>>
>>>>
>>>
>>> --
>>> "I'm religious but not spiritual."
>>> --Cardinal Francis George, O.M.I.
>>>
>> ---------
>> To unsubscribe, send email to <aklug-request@aklug.org>
>> with 'unsubscribe' in the message body.
>>
>>
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Oct 26 09:28:52 2015

This archive was generated by hypermail 2.1.8 : Mon Oct 26 2015 - 09:28:52 AKDT