At the end of the day we all have a choice. I know I started off with v3.1.x of the GB-1000 and evaluated the use of VPN clients and the GB-1000 being the VPN host. I'm a little surprised on what was discovered.
From the outset I setup a VPN host that is not the GB-1000. At this moment in time I can't be going with the hassle of licensing of the VPN client for use with the GB-1000. If every one would like to be militant <Grin . . .> then an option is everyone stops using the VPN facility of the GB-1000 and setup a W2K server with RRAS and IPsec configured to act as a VPN host. GTA don't get to sell any more VPN client licences and then has to either re-think their licensing model or scrap the VPN facility on the GB-1000 because GTA is not longer making a living from selling VPN client licences. In my case, using something else works very well indeed. At 15/09/2001 01:00 pm , <[EMAIL PROTECTED]> wrote: > > -----Original Message----- > > From: Mike Burden [mailto:[EMAIL PROTECTED]] > > Sent: 14 September 2001 23:42 > > To: [EMAIL PROTECTED]; GNAT Box Users Group (E-mail) > > Subject: RE: You can't take it with you... > > > > > > > -----Original Message----- > > > From: Graham Jones [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, September 14, 2001 9:47 AM > > > To: GNAT Box Users Group (E-mail); ADG > > > Cc: ADG > > > Subject: RE: You can't take it with you... > > > [...] > > > "5. VPN - VPN client licensing is now enforced on the firewall. > > > Previously licensing was enforced on the workstation. > > > > > > 6. VPN - Systems that support mobile VPN clients (GB-100, GB-1000, > > > and GB-Flash) now support one mobile VPN client connection by > > > default. Additional concurrent connections require > > > the purchase > > > of activation codes." > > > > > > I don't understand how 5 works, but I can see that 6 will be > > > relevant for > > > users wanting more than two or more concurrent VPN > > > connections - and that > > > each GB-1000 of a HA pair will require an activation code. > > > Is this what > > > Mike Burden meant? > > > > > > That's exactly right. If you have an HA pair and need 10 concurrent > > VPN users, then you actually have to purchase two 10 user VPN licenses, > > one for each GB-1000. > > > > Mike Burden > > Lynk Systems > > http://www.lynk.com > > (616)532-4985 > > [EMAIL PROTECTED] > >It's even more restrictive. For our customer with version 3.1.3 the GB-1000 >is configured with 4 VPN authorisation profiles all relating to the same VPN >client. Each profile allows a connection to a separate internal network at >the customer. The VPN client has 4 connections, one relating to each of the >four networks at our customer. > >If we have just one VPN authorisation profile on the GB-1000 it is possible >to connect to each of these networks - but not simultaneously - and changing >from one to another means waiting for the secure connection to renegotiate. >But with four profiles and v3.1.3 it was possible to have four simultaneous >connections, one to each network. > >Now we have upgraded this customer to v3.2.1 it is clear that only one VPN >authorisation profile can be active at a time; an attempt to access a second >network fails. This despite the fact that the same VPN client is being used >to attempt the connection to the second network. > >I cannot see that this is a reasonable restriction - because the VPN client >is the same for each connection. It therefore appears that the licence is >for the number of conncurrent VPN connections, not the number of concurrent >VPN clients. > >Regards, > >-- Graham Jones >Linnet Solutions Ltd. >[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> >01953 717605 or >077 74 894200
