[aklug] Re: OT(?): Remote Access VPN

From: JP <jp@jptechnical.com>
Date: Mon Oct 26 2015 - 09:41:19 AKDT

I have done both. Something as simple as disabling a port or turning off
the wifi radio on the ubiquity end point I have worked with is surprisingly
complicated. It is mainly a matter of hidden screens, or options that don't
become visible unless you are in the right mode.

On the otherhand, the pfSense shows all options, only grayed out when not
available. Also, there is guaranteed to be a comprehensive how-to available
for every conceivable scenario on the forums.

Once you go pfSense, you will wonder how you got along without it.

     ___ _______
    | | |
    | | _ |
    | | |_| |
 ___| | ___|
| | |
|_______|___|

*JP (Jesse Perry)*
voice/txt: 907-748-2200
email: jp@jptechnical.com
web: http://jptechnical.com
support: helpdesk@jptechnical.com

On Mon, Oct 26, 2015 at 9:27 AM, Royce Williams <royce@tycho.org> wrote:

> Probably few of us have done both. I can say that the pfSense VPN wizard
> is simple, yet flexible.
>
> Royce
>
>
> On Mon, Oct 26, 2015 at 8:45 AM, Christopher Howard <
> christopher.howard.asi@gmail.com> wrote:
>
>> Any opinions on Ubiquiti vs. pfSense as far as ease of getting a VPN up
>> and running? In our small office situation, the VPN feature is really the
>> only thing that would justify the purchase. As mentioned before, the main
>> idea is to give the boss (and maybe some co-workers) the ability to access
>> the network shares while out traveling.
>>
>>
>> On 10/21/2015 8:07 PM, Royce Williams wrote:
>>
>>> This looks like a great drop-in solution. Only big diffs that I see
>>> vs pfSense is the pfSense plugin framework, and the fact that I can
>>> migrate to/from any commodity hardware that I want. But this looks
>>> solid. And apparently there was some cross-pollination between the
>>> Ubiquiti and pfSense teams back in the early days.
>>>
>>> Royce
>>>
>>> On Wed, Oct 21, 2015 at 6:45 PM, David M. Syzdek <david@syzdek.net>
>>> wrote:
>>>
>>>> I've had good luck deploying Ubiquiti's EdgeRouter Lite for a few of my
>>>> friends. A few of it's benefits include:
>>>>
>>>> * $100 per unit
>>>> * Supports L2TP over IPSec (and I believe OpenVPN as well)
>>>> * Off the shelf solution
>>>> * 3x Gig Ports
>>>> * Junos like CLI
>>>> * WebUI for easy access
>>>> * Based on Vyatta software router with ties to VyOS open source
>>>> software
>>>> router.
>>>>
>>>> https://www.ubnt.com/edgemax/edgerouter-lite/
>>>>
>>>> The community is not as large as the community for PFSense, however it
>>>> does
>>>> perform better than most small boards at routing traffic.
>>>>
>>>> Ubiquiti also has 5 port version with POE, however it runs more in the
>>>> $150
>>>> - $200 range on Amazon.
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, Oct 20, 2015 at 11:18 AM, Christopher Howard
>>>> <christopher.howard.asi@gmail.com> wrote:
>>>>
>>>>> Hey guys... so I took up a job at a small business which is basically a
>>>>> Windows shop (hey, gotta eat...) and I wanted to set up a simple Remote
>>>>> Access VPN so the boss could access the network files while abroad.
>>>>> They've
>>>>> got a WS2008 running their AD and DHCP on the intranet (but it isn't
>>>>> the
>>>>> gateway). So, my first thought was to see if it had built in VPN
>>>>> functionality. It does, but I ran into some trouble -- apparently in
>>>>> WS2008
>>>>> the remote access VPN functionality is tied into the IP routing
>>>>> functionality (which were aren't using). So, when I activated the RRAS,
>>>>> there was some strange conflict with DHCP and it instantly disconnected
>>>>> everyone's access to the network storage shares! Fortunately, I was
>>>>> able to
>>>>> reverse things before causing too much pandemonium, but obviously now
>>>>> I'm a
>>>>> bit nervous...
>>>>>
>>>>> So, now I am trying to figure out if it is worth monkeying around with
>>>>> this some more to get it working, or if I should look at some other
>>>>> approach. Maybe just put a small Linux box on the network and run a
>>>>> FOSS VPN
>>>>> server from it? (I'm imagining complications down the rI'vtionality.
>>>>>
>>>>> Any sage advice from the seasoned admins?
>>>>>
>>>>> ---
>>>>> This email has been checked for viruses by Avast antivirus software.
>>>>> https://www.avast.com/antivirus
>>>>>
>>>>> ---------
>>>>> To unsubscribe, send email to <aklug-request@aklug.org>
>>>>> with 'unsubscribe' in the message body.
>>>>>
>>>>>
>>>>
>>>> --
>>>> "I'm religious but not spiritual."
>>>> --Cardinal Francis George, O.M.I.
>>>>
>>> ---------
>>> To unsubscribe, send email to <aklug-request@aklug.org>
>>> with 'unsubscribe' in the message body.
>>>
>>>
>>
>> ---
>> This email has been checked for viruses by Avast antivirus software.
>> https://www.avast.com/antivirus
>>
>> ---------
>> To unsubscribe, send email to <aklug-request@aklug.org>
>> with 'unsubscribe' in the message body.
>>
>>
>

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Oct 26 09:42:21 2015

This archive was generated by hypermail 2.1.8 : Mon Oct 26 2015 - 09:42:21 AKDT