We too like the cisco ASA platforms for this function. Unfortunately some orgs like Sprint require VPN parameters that the ASA does not support. Just ran into this issue and had to deploy a 1700 router just for their tunnel configuration. Sprint drives me nuts. Joseph -----Original Message----- From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Hiers, David Sent: Monday, January 21, 2013 12:30 PM To: Paul Timmins; Eric Wieling Cc: voiceops at voiceops.org Subject: Re: [VoiceOps] IPSec VPN server We like Cisco ASAs for this role. David -----Original Message----- From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Paul Timmins Sent: Sunday, January 20, 2013 19:53 To: Eric Wieling Cc: voiceops at voiceops.org Subject: Re: [VoiceOps] IPSec VPN server Cisco router with redundant power supply. Running recent versions of IOS. On Jan 20, 2013, at 22:48 , Eric Wieling <EWieling at nyigc.com> wrote:
We are looking for something which crashes LESS than once per year. "had a few stability problems" doesn't give me a warm fuzzy feeling about the product. Configuration management is nice, but how important is it for a device which is never modified and has only one tunnel?
-----Original Message----- From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Nathan Anderson Sent: Sunday, January 20, 2013 4:10 PM To: 'Faisal at snappydsl.net'; 'voiceops at voiceops.org' Subject: Re: [VoiceOps] IPSec VPN server
+1 for MikroTik RouterOS. It has admittedly had a few stability issues in past versions, but is getting better all the time. The feature set you get for the price is insane, and device configuration and management is fantastic.
Out of curiosity, what are you currently using, and what is your budget like for its replacement?
MikroTik makes the RB1100AHx2 for $500, which is a dual-core PowerPC product with encryption/IPsec acceleration built-into the CPU; they claim you can forward 800+Mbit/s of IPsec traffic through the thing. (I haven't verified this.) They also just recently came out with a series of products based on Tilera's TILE-Gx multicore CPUs, with models in the $650-1000 range. For something a little cheaper, I can highly recommend the RB450G; the board itself is $100, and you can find places that will sell you a completely assembled kit with case + power supply for ~$130. No HW crypto, but I've heard of people doing ~20Mbit/s of IPsec through it.
-- Nathan Anderson First Step Internet, LLC nathana at fsr.com
-----Original Message----- From: voiceops-bounces at voiceops.org [mailto:voiceops-bounces at voiceops.org] On Behalf Of Faisal Imtiaz Sent: Sunday, January 20, 2013 10:49 AM To: voiceops at voiceops.org Subject: Re: [VoiceOps] IPSec VPN server
How about a Mikrotik Router ... ?
Faisal Imtiaz Snappy Internet & Telecom
On 1/20/2013 1:05 PM, Eric Wieling wrote:
We currently have SIP service with VZB, they require signaling go over an IPSec VPN tunnel. Our current VPN box (which is somewhat old) crashes about once per year and we would like to replace it with something which is more reliable.
Can anyone recommend rock solid boxes which can handle 10Mbps of IPSec traffic? Our current usage is about 1/2 of that, but I want room to grow.
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. _______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops