Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

VPN question

Options
  • 16-06-2004 11:17am
    #1
    Synkro
    Registered Users Posts: 118 ✭✭


    Hello,

    Could somebody please explain the difference between 'EndPoint VPN router' and a router with 'VPN Gateway'. The VPN Gateway type is about 4 times more expensive than the EndPoint vpn routers. As i understand it... the EndPoint Vpn accepts incoming vpn tunnels from lets say home workers etc. Where as the VPN Gateway sits at the corporate network and 'tunnels' everything after the NAT.

    Generally the vpn end point routers let outsite users tunnel into a dmz port on the router.

    I am looking for a cheap and effective hardware based 'site to site' vpn solution without the need for any special vpn connection software on the client pcs.

    Ive seen prices of €10,000 for a vpn gateway, and prices of €60 for vpn end point
    routers.


    Could this work...


    I want the client sites to connect into my linux box at the datacenter. (there is a web proxy at the datacenter and other services) If i put endpoint vpn routers at the client site... then 'initiate' the connection from the server side (ie at the datacenter) would this work ? and could this connection be left open indefinatley to provide bidirectional tunneled data xfer. I would then have a hub on the dmz of the vpn end point router allowing the pcs at the client office tunneled access to the datacenter.



    Or in another way,

    Is it possible to get the VPn endpoint router at the client site to initiate a connection and to the datacenter, or is this what a vpngateway does?



    I hope all of that makes sense!


Comments

  • Options
    #2
    Jaden
    Registered Users Posts: 2,393 ✭✭✭Jaden


    IpCop & Monowall. STFW or STFB.
    Message ends.


  • Options
    #3
    ressem
    Registered Users Posts: 2,426 ✭✭✭ressem


    Not altogether clear to me,

    VPN endpoint tends to be associated as an extra for a router. Often they don't have dedicated hardware for the extra encryption - decryption. VPN gateway tends to mean a device that is built with the intention of handling lots of VPN connections with coprocessors to cope.

    Cheaper devices will usually be limited in the number of simultaneous connections so you'd have issues, trying to build a mesh of interconnected remote networks.

    Assuming you get Ok hardware, your traffic isn't lots of Mb/sec and you have an always on connection with static IPs then there should be few problems connection using 2 endpoints even low cost ones.
    (never tried with DDNS dynamic ip myself, only available on certain devices)

    Then it comes down to managability, if you're all cisco heads, require centralised logging, RADIUS/LDAP you might prefer to pay extra for a PIX or something with a console port.

    http://www.tomsnetworking.com/FAQ-14-Virtual+Private+Networking+(VPN)-0.php#29

    http://www.tomsnetworking.com/Sections-article22.php


Advertisement