Mark Minasi's Tech Forum
Register Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
Lane

Still Checking the Forum Out
Registered:
Posts: 8
Reply with quote  #1 

Hello,

I need to set up a VPN Portal or device for access control for many users. We have a VPN tunnel set up between our servers and hundreds of customer sites. Each site has their own IP accessible only through the VPN tunnel. How can I provide access for the customers to their sites (and only their sites) but maintain security? Any suggestions?

I have looked at Cisco's ASA 5545 which can connect up to 2500 users; however, licensing costs seem prohibitive. I am not sure if SSL VPN is the same costs as IPSEC. Not to mention, I would prefer a solution with a GUI interface, although this is not a deal breaker.

I have read some information about Cisco's WebVPN... not sure if this would do what I need it to as it launches a java plugin which would make it hard to connect with mobile devices.

Windows offers the RAS Gateway, although I have not set one of these up and am not sure on how licensing would be handled. However, this solution combined with 2FA (duo.com) might work.

Perhaps there is a cloud solution at AWS, Azure, or Google that someone else is aware of?

What I am looking for is an access control device or VPN gateway that does the following:

1. Robust- able to handle hundreds of users
2. Cost Effective
3. GUI (Negotiable)
4. Expandable (future growth)
5. OS Agnostic

Currently, our network is similar to the following:

Customer Sites -> Firewall -> Site to Site VPN Tunnel -> Firewall -> Hosted Servers

Suggestions anyone? Please let me know if I can clarify anything. Thanks for any suggestions that you can offer. 

Best, 

Lane

0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #2 
I would look into OpenVPN. It runs on any platform.

openvpn.net
0
cj_berlin

Avatar / Picture

Senior Member
Registered:
Posts: 273
Reply with quote  #3 
+1 for OpenVPN

They've even got a ready to run and supported appliance which costs money, I believe.

__________________
Evgenij Smirnov

My personal blog (German): http://www.it-pro-berlin.de/
My stuff on PSGallery: https://www.powershellgallery.com/profiles/it-pro-berlin.de/
0
Lane

Still Checking the Forum Out
Registered:
Posts: 8
Reply with quote  #4 
Thanks so much for the replies! I have set up an OpenVPN virtual appliance and am in the process of testing/learning to see if it will work or our purposes. From what I have read thus far, I think that it just might be what we are looking for. 

Thanks again for the input!

Best regards, 

Lane
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.