There is an oncology clinic using a Juniper SSG5. They have a couple of ipsec connections that require policy-based routing with mapped IP addresses. (MIP)
I can't provide that with pfSense, but I do want to use pfSense to give them protection like squid w/ antivirus, and snort, and pfblocker. >From what I can tell, all the attack detection and other security features of that type in the Netscreen are disabled. They recently added a second WAN connection because their Integra connection is about 4.5 Mbps. So, they have two WAN connections that I need to support. I'm thinking I could place the pfSense box in front of the Juniper and forward ipsec to it, or I could place pfSense behind the Juniper. The customer wants to know which websites are being accessed by its users, so if pfSense were behind the Juniper the reports could better associate the users' addresses with the websites they're going to. (I think) Any thoughts? Thanks! _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
