On 7/8/08, Bill Marquette <[EMAIL PROTECTED]> wrote: > > With OpenVPN, you only have control of the client at time of install. > With the "clientless" solutions from Juniper, F5, et al, they usually > have the ability to check the security of the environment they're > running in, in some manner (antivirus running, up to date patches, > firewall, etc). They can then grant or deny access based on that > security - with OpenVPN, if the credentials are good, you get in. I > won't argue the points as to which is better, or whether you should > even have remote access to your network, just wanted to point out some > missing information in your argument. >
Yeah none of the VPN options in pfSense currently offer any client side policy enforcement (patches accepted). Whether or not that's a concern depends on your environment. Personally, almost all the VPN deployments I've seen that have this capability do not use it for various reasons. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
