pfsense and opnsense both do fine with natted ipsec in the environmnets
i've tested.
Isn't there an openvpn appliance too?
On 2/10/2022 1:17 PM, Shawn L via NANOG wrote:
Meraki MX series?
I don't like the way they do their licensing (your license runs out,
the box is a paper-weight) but they do really well at establishing
site-to-site VPNs in some pretty challenging scenarios. Dynamic IPs
and NATs don't really cause them a problem. Some CGNats do (AT&T I'm
looking at you).
Shawn
-----Original Message-----
From: "Keith Stokes" <[email protected]>
Sent: Thursday, February 10, 2022 1:11pm
To: "William Herrin" <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: VPN recommendations?
Pfsense on Netgate appliances?
I’ve used several of them, while not for this exact purpose they have
done the roles but maybe not the amount of VPN traffic.
--
Keith Stokes
SalonBiz, Inc
On Feb 10, 2022, at 12:02 PM, William Herrin <[email protected]> wrote:
Hi folks,
Do you have any recommendations for VPN appliances? Specifically:
I need to build a site to site VPNs at speeds between 100mpbs and
1 gbit where all but one of the sites are behind an IPv4 NAT
gateway with dynamic public IP addresses.
Normally I'd throw OpenVPN on a couple of Linux boxes and be happy
but my customer insists on a network appliance. Site to site VPNs
using IPSec and static IP addresses on the plaintext side are a
dime a dozen but traversing NAT and dynamic IP addresses (and
automatically re-establishing when the service goes out and comes
back up with different addresses) is a hard requirement.
Thanks in advance,
Bill Herrin
--
William Herrin
[email protected]
<https://bill.herrin.us/>
https://bill.herrin.us/
