there are other options than pptp such as openvpn or ipsec
On Apr 5, 2010, at 7:48 PM, Tom Sharples wrote: > Have you run into the pfsense pptp limitation? That is, only one > customer > (behind your pfsense NAT router) , can establish a pptp session to > the same > external pptp server at a time. At least, that's what the pfsense > download > site lists under known limitations. > > Tom S. > > ----- Original Message ----- > From: "Scott Lambert" <[email protected]> > To: "WISPA General List" <[email protected]> > Sent: Monday, April 05, 2010 4:30 PM > Subject: Re: [WISPA] Vyatta? > > >> On Fri, Apr 02, 2010 at 10:15:24PM -0400, Tom DeReggi wrote: >>> What Vyatta does is pretty cool. And they have also been giving >>> back to >>> open >>> >>> <snip> >>> >>> But the bad is.... its priced wrong. They are going high end, >>> targeting a >>> coporate user that might have one or two routers. >>> They make their money on support contracts and their fees are very >>> expensive. You pay per router, per processor, per year. And at >>> $600-$900 >>> each./yr or something like that. Then there is the free community >>> version, >> >> pfSense was the same way. But, now they have support contracts >> based on >> resonable metrics, like hours, rather than boxes. >> >> I have had a pfSense box (Pentium III) acting as the corporate >> firewall >> with 5 interfaces for several years. No problems. >> >> For the past 4 or 5 months, I've had a pfSense box (1 Ghz C7) running >> as a NAT box for a network we purchased recently. It has been >> working >> great. I have recently added the OpenOSPFd package and it is working >> well talking to StarOS, Mikrotik, Cisco, and Imagestream boxes. The >> web GUI means I'm not the only guy who can figure out how to use >> them. >> Carp means I can set them up in redundant pairs. I'll be bringing up >> OpenBGPd talking to the upstream soon so that we can get rid of the >> NAT. >> >> Both boxes have been loafing with 20 and 10Mbps of traffic >> respectively. >> >> My favorite part of pfSense is the fact that I can ssh in and use the >> usual BSD commands to do things when I can't get to the web interface >> because I am coming from an unusual IP which is not normally allowed >> access to the web interface. I can also use tcpdump, mtr, nmap to >> look >> at any possible issues. >> >> I like the unix command line interfaces. ImageStream and pfSense are >> both pretty decent from that perspective. I hate how mikrotik and >> staros have gotten in my way. >> >> StarOS's shell with 6 commands really annoys me. They could at least >> have included busybox. Even just including less/more would have been >> an improvement. Having grep would make my day. Finding the route >> any >> particular StarOS box has to BFE in the midst of the other 300 >> routes is >> "fun". >> >> I think mikrotik should have tried to emulate the junos or cisco cli >> rather than inventing something new. The hierarchy of the command >> tree >> feels random to me. It probably makes sense to the developers >> though. >> >> But, I've been able to make them all work together. They all seem >> reaonably reliable. >> >> I've not used Vyatta. >> >> -- >> Scott Lambert KC5MLE Unix >> SysAdmin >> [email protected] >> >> >> >> -------------------------------------------------------------------------------- >> WISPA Wants You! Join today! >> http://signup.wispa.org/ >> -------------------------------------------------------------------------------- >> >> WISPA Wireless List: [email protected] >> >> Subscribe/Unsubscribe: >> http://lists.wispa.org/mailman/listinfo/wireless >> >> Archives: http://lists.wispa.org/pipermail/wireless/ > > > -------------------------------------------------------------------------------- > > > > Internal Virus Database is out of date. > Checked by AVG - www.avg.com > Version: 8.5.435 / Virus Database: 271.1.1/2675 - Release Date: > 02/08/10 > 07:35:00 > > > > -------------------------------------------------------------------------------- > WISPA Wants You! Join today! > http://signup.wispa.org/ > -------------------------------------------------------------------------------- > > WISPA Wireless List: [email protected] > > Subscribe/Unsubscribe: > http://lists.wispa.org/mailman/listinfo/wireless > > Archives: http://lists.wispa.org/pipermail/wireless/ -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: [email protected] Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
