VPN... would I really need 4 boxes?
Following on from another thread...
It has been recommended that a firewall be implemented on a separate box. It has also been recommended (Ziegler 2002) that VPN be implemented on a separate box behind the said firewall. If we are connecting two subnets across the Internet (as opposed to a single roaming client or "road warrior") then this means we need 2 x 2 = 4 boxes. This seems rather a lot.
Also, what software would I install on the VPN boxes? I know what to do with the firewalls, it's simply a matter of iptables rules, a simple masquerade and enable IP forwarding. But what is the software/daemon/application to be run on the VPN boxes?
Would it be seamless? Many Netgear and Linksys boxes boast that no client software is required at all, does this mean all network traffic such as SMB traverses automatically? (That would be pretty seamless)
I actually don't mind giving money to Linksys or Netgear. I only use Linux to avoid giving money to Mickey$oft. I would prefer to buy some kit than to mess around with recompiling kernels. I am seriously considering buying a pair of Netgear FVS318. Can anyone recommend an alternative solution?
I have tried to Google on this subject but have not seen a clear and obvious answer. Any offers?
Regards,
Meadensi
Bibliography:
Appendix C, Linux Firewalls, by Robert Ziegler, 2nd Edition, 2002, ISBN 0-7357-1099-6