Re: VPN server (hardware) and VPN client (Software) - both with changing IP. Can it be?

From: David Green (wouldnt_at_youliketoknow.com)
Date: 04/20/04


Date: Tue, 20 Apr 2004 20:41:12 GMT

Sure it's possible.

There might be the occasional small delay, however, during the time
the firewall/hw box takes to inform the dynamic dns service that
its ip address has changed. Only you can assess whether you/your org.
can tolerate this delay.

What kind of bandwidth/connections will you be using?
How many clients will be using the VPN functionality simultanesously?
What services and on how many machines will you need to access behind
the box? Will you want content filtering? WAN failover? What other
features?

I like Zyxel's ZyWALL series of boxes, since I believe they offer
the best value for the price. Then again, I'm a dealer.

Other good devices in the same price range are the Netscreens,
and some of the Sonicwalls. Of these two, I prefer the Netscreens
for ease of use. When you evaluate pricing, make sure you compare
apples with apples. That is, make sure the units you're comparing not
only have the same features, but also have the same number of client
licenses for the same price. Many people overlook this issue.

Most important to me is intercompatibility. If you think your needs
will ever grow (pretyy likely) you'll want to stick to one brand for
all the VPN boxes, or at least make sure you buy a unit that is
compatible with a lot of other VPN boxes and VPN software clients.

Your best bet at that point is to decide which features are important,
since with these boxes come many, many features.

Hope this helps!

Brad

On Fri, 26 Mar 2004 09:18:01 -0500, in comp.security.firewalls you
wrote:

>Hi,
>
>I would like to setup VPN solution for up to 5 remote clients. I would like
>to have VPN server as a hardware box and client could be software.
>Could this be done when both server and client have changing IP address?
>For server we have registered with dyndns.org, so we have constant dns name
>that points to changing IP address. Will this help?
>
>If this could be done, what VPN server box would you recommend to buy?
>
>Thank you
>

On Fri, 26 Mar 2004 09:18:01 -0500, "NoOne" <NoOne@Me.com> wrote:

>Hi,
>
>I would like to setup VPN solution for up to 5 remote clients. I would like
>to have VPN server as a hardware box and client could be software.
>Could this be done when both server and client have changing IP address?
>For server we have registered with dyndns.org, so we have constant dns name
>that points to changing IP address. Will this help?
>
>If this could be done, what VPN server box would you recommend to buy?
>
>Thank you
>