I need to set up a VPN portal or device for access control for many users. We have a VPN tunnel set up between our servers and hundreds of customer sites. Each site has its own IP, accessible only through the VPN tunnel. How can I provide access for the customers to their sites (and only their sites) but maintain security? Any suggestions?
I have looked at Cisco's ASA 5545, which can connect up to 2500 users; however, licensing costs seem prohibitive. I am not sure if SSL VPN is the same cost as IPsec. Not to mention, I would prefer a solution with a GUI interface, although this is not a deal breaker.
I have read some information about Cisco's WebVPN... not sure if this would do what I need it to, as it launches a Java plugin, which would make it hard to connect with mobile devices.
Windows offers the RAS Gateway, although I have not set one of these up and am not sure how licensing would be handled. However, this solution combined with 2FA (duo.com) might work.
Perhaps there is a cloud solution at AWS, Azure, or Google that someone else is aware of?
What I am looking for is an access control device or VPN gateway that does the following:
1. Robust: able to handle hundreds of users
2. Cost Effective
3. GUI (Negotiable)
4. Expandable (future growth)
5. OS Agnostic
Currently, our network is similar to the following:
Customer Sites -> Firewall -> Site to Site VPN Tunnel -> Firewall -> Hosted Servers
Suggestions anyone? Please let me know if I can clarify anything. Thanks for any suggestions that you can offer.