Hi,
management are looking to purchase a 506E for the sole purpose of using it as a VPN server.
Currently, there are about a dozen VPN clients, all running Windows XP. The users connect using an outdated IPSEC VPN client, getting an IP in a seperate private subnet and the firewall is routing between this VPN subnet and the office net. Authentication is by x509 certificates generated by and checked against our own private linux CA.
We've tried upgrading to a PPTP/IPSEC(L2TP) server, using Linux again, but we've not found it to be as reliable as we would wish. There is also the issue of support of some of the components.
So basically what I would like to know is,
- how reliable is the VPN component of the 506E unit?
- The product appears to be at least a year old. What is the typical lifespan and support of such a product?
- Does its x509 support require use of an external CA? Can we use our own? Why pay if we dont have to?
- Can x509 be used together with Radius authentication to a Windows
2003 server?- It will placed behind the linux firewall so incoming VPN connections will be DNATed. Will that be a problem?
Thank you in advance.
Regards,
Greg.