I have to set up 10 dial-up-VPNs (IPSec) to our corporate network. The available Hardware Platform is a Juniper NS5GT with which I have no experience at all. On the other hand I could use a Cisco ASA Appliance (probably the 5505).
So could you please give me some pros and cons about the two systems? I would really appreciate it.
The 5GT might be just a bit too small for the task, since the standard license only gives you 10 tunnels to work with. So if you plan to expand on the number of tunnels in the near future you either need an extended license for the box, or a bigger box with higher limits.
("get license" on the cli will get you the license and limits on the box)
If you plan to do granular acls you might also hit the 5GT limit of 100 acls.
Myself, I find the PIX syntax somewhat arcane and unintuitive. YMMV though. The Netscreens are IMHO straight forward to configure. But as Lutz wrote, use the box you can work with best _and_ that fits the requirements.
Ciao Chris
--=20 All diese Momente werden verloren sein in der Zeit, so wie Tr=E4nen im Re= gen Dipl-Ing (FH) Christian 'Dr. Disk' Hechelmann IRC: DrDisk GPG Fingerprint: 53BF634B 28326F92 79651A15 F84ABB55 4F068E4E Ich finde, scharfe Waffen und "Feuer nach eigenem Ermessen" sollte zum Adminjob dazugeh=F6ren. [Lars Marowsky-Bree in d.a.s.r]
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.