Imagine you had a client with 1200 users... That wants VPN and reporting!
-
@andyrh True - quote him one of those and see if he likes the price ;) They sure ain't freaking cheap hehehe
-
I have the home version of LogonBox, nice Web UI that has a QR code to configure the client. At work we use zScaler for 25k+ users.
At some point if you want the pretty pictures and easy config you have to pay the ones that developed it and as you said, they are proud of their work. -
Netgate PFSense devices can not handle 10GB wan connections.
-
@saqqara I run it virtualized on pretty awesome hardware.
:)
-
@saqqara said in Imagine you had a client with 1200 users... That wants VPN and reporting!:
Netgate PFSense devices can not handle 10GB wan connection
Are you sure about that? Without running TNSR, the limitation is up to 10Gbps on the rack based pfsense+ gear.
-
@michmoor better be one hell of a box that can handle 10ge over vpn connections ;)
From the summary page it lists the 1541 running pfsense for ipec vpn
IPERF3 Traffic: 9.30 GbpsBut imix on that drops too
IMIX Traffic: 1.77 GbpsWith the requirements of this RFP - don't believe pfsense would be best fit no.
-
@johnpoz I interpret it as just routing at L3 for 10Gbps.
"With the requirements of this RFP - don't believe pfsense would be best fit no."- Probably not pfsense. TNSR?
But IPsec VPN sustained for 10Gbps...Yikes.. Looking up big brand vendors (PA), they do have boxes that do that but you will be paying so much $$$.
Maybe there's a budget for that. Then again, TNSR can do 10Gbps easily for the fraction of the price.Im wondering if GrayLog has the ability to do a "live map" for VPN.
I have a set up for Snort where I have a world map of the IPs that are tripping my sensor and their location. MaxMind license required. At a high level I can see how it could be adaptable to VPNs. -
This is 1200 individual VPN clients?
-
@stephenw10 Yes.
-
Mmm, that's tough because generally that means one server process. So 10G is pretty much right out with pfSense.