Best VPN Solution

Similar Messages

• Full mesh VPN solution for on MPLS network with PE and CPEs

  Hi,
  We are trying to evaluate some best solution for Hub-Spoke mesh vpn solution in a MPLS network. The VPN hub router will be in PE router and all the VPN spoke will be in CPE.
  Can someone please let us know what will be the best vpn solution, we understands that there will be some technical limitations going with GETVPN but still we did counld find any documenation for possiblity of using DMVPN.
  How about the recent flexvpn, can fex-vpn work on this requirement, where can i get a design/configuration document.?
  thanks in advance.

  Hello,
  GetVPN is intended for (ANY-to-ANY) type of VPN communication, over an MPLS network with Hub and Spoke Topology, your best Option is to look for Cisco (DMVPN) implementation where this type of VPN is primarily designed for Hub & Spoke.
  Regards,
  Mohamed

• Best VPN Firewall Router for iPhone

  Hi,
  I am looking for opinions regarding VPN routers that will let me connect with the iphone. I'm setting up an office computer network with about 10-20 computers and plan to tunnel in with iphone and macbook when away from office.
  Also, I am looking at a second location, so the ability to have a router to router VPN between two separate office would be a big plus!
  Thank you,
  Jake
  iphone version 3.13

  This seems to be a topic that is not easy to answer. Why? There are a lot of variables. Seems like iPhone supports ipsec/l2tp/pptp but when I tried to connect to a pix506e using ipsec/udp (NAT-T) it just kept failing even though I knew all the settings are right. If you are looking for a cheap solution like a cisco small office router/ or a open source firmware for a wifi router, no luck. Cisco ones support some "easy" vpn solution, or a router to router vpn, and the dd-wrt or tomato variant mostly support open vpn or pptp (but I am still researching the pptp right now). Best bet is a VPN appliance like a cisco asa or a sonicwall. you get what you pay for and you should get support as well. AN asa 5510 will do it. or one of the sonicwall units should work.

• Asa in active/active vpn solution licensing question

  Hello All
  I have a customer with the following requirements:
  1) A Cisco VPN Solution that will be support SSL VPN and Cisco Client VPN - The  solution will be a failover configuration running in an active-active set up.  The solution offered will be fully supported (i.e. it will not go into End of  Life or and lower level of support etc) by Cisco for the next 5 Years.
  a. We  would expect the devices to be similar to the ASA 5520 Appliance with  SW,HA,$GE+1FE,£DES/AES (Including ASA 5500 Advanced Endpoint ASS)
  2) User  licenses for the above - Please quote for both the following
  a. 500 appropriate SSL VPN User Licenses
  b. 250  appropriate SSL VPN User Licenses
  I am quoting them for the 500 ssl vpn bundle
  ASA5520-SSL500-K9 and for the
  ASA5520-BUN-K9.
  Is it right that in active/active  software 8.3 and above that the 500 ssl vpn licenses will be shared between the 2 asa's or will I need to have 250 licenses on each asa.
  Also I have read that in active/active I cannot use shared licenses, is this relevant in a vpn solution?
  http://www.cisco.com/en/US/docs/security/asa/asa84/license/license_management/license_86.html#wp2003381
  Url above has this “The  backup server mechanism is separate from, but compatible with,  failover.
  Shared  licenses are supported only in single context mode, so Active/Active failover is  not supported.”
  Also “Failover  Guidelines
  •Shared licenses are not supported in Active/Active mode. See the "Failover  and Shared Licenses" section for more  information.
  I also need to purchase the
  ASA-ADV-END-SEC and
  ASA-AC-M-5520 (any connect mobile) as the vpn client is eos/eol.
  Do I need to buy this for both asa's or can they share them in active/active mode.
  Thanks in advance.
  Feisal

  Hi Vibhor and thanks for the quick reply. We will be using version 9.3. I was aware that the ASA does not support PBR but I thought with the new code you could do some policy nat that could help influence the outbound flow?
  So in this case we have 2x ISPs and 2x public address space, one from each ISP. How is the NAT and routing handled by the ASA in this design?
  Can I not identify the guest subnet (192.168.0.0/22) and NAT this to a public address from ISP1 and also identify the corp subnets (10.x.x.x)  and NAT them to ISP2?
  My understanding (which is probably wrong) is that the NAT will select the egress interface rather than the routing table, so guest will be sent via ISP1 since the SVI interface of the ASA that connects to this ISP1 has an IP address from the same public address space..?
  Is that incorrect?
  Many thanks
  Rays

• Is DLT the best backup solution?

  Hi,
  I am curious to know what people use as a good backup for their FCP projects and footage. I know DLT is recommended for outputting DVD projects - but are there better options? Any feedback is greatly appreciated.
  Thanks in advance!

  DLT is the dinosaur of the industry. Rock solid, totally dependable. The reasons it's still used for DVD replication are not associated with any reasons why you'd want to use DLT for backing up your FCP projects. DVD replication is an entirely different industry.
  DLT would not be efficient for video offloading in the slightest. Linear and long. But, as said, utterly bombproof and relatively inexpensive. if you have a couple of DLT machines and lots of cart,, you can certainly use them for offloading your FCP media. But "best"? Not at all. There is no single best backup solution, only what works for your budget and workflow. Hot swap RAIDs, cheap FW drives, optical, DVD-ROM, even installing and removing ATA drives in your Mac; they're all viable.
  bogiesan

• Best storage solution for FCP HDV projects?

  What is the best storage solution for Final Cut Pro HDV projects (i.e. internal or external drives, SCSI, external firewire drives, etc.)?

  Don't forget you can also use the "Send to Tape" command to send your footage back to miniDV HDV tape. This isn't the ultimate solution, but is a good way to cheaply "backup" large projects to inexpensive tape without killing your drive storage with every project.
  Here's a new feature request for Media Manager... Forget that. I'll start a new post for it.

• The Next Level - VPN solution

  Ok just months ago I implemented removing our existing Linux server that was used to authenticate and give 30+ XP users, file and internet access along with roaming profiles with a brand new MacPro server.
  I'm still utilizing a seperate Linux box as my internet gateway/firewall. Now that I have everything running quite smooth, my next step is to start taking advantage of the services it offers and want to setup VPN access to alleviate my boss having to come into work just to get file access.
  My initial solution was to just pick up a regular SOHO router but I love Apple products so much, I'd like to know if using the Airport Extreme be a safe and secure method for VPN or do I need to look at a dedicated VPN router?
  There are so many choices, its all a bit confusing. Thank you.
  Message was edited by: Darryl M

  My initial solution was to just pick up a regular SOHO router but I love Apple products so much, I'd like to know if using the Airport Extreme be a safe and secure method for VPN or do I need to look at a dedicated VPN router?
  The AirPort Extreme isn't a VPN router - it won't handle authenticating external users and getting them onto the local network. The best you could do is setup port forwarding to relay the connections to an internal server running VPN server software. The Mac server can do this but, IMHO, isn't the best solution.
  As a result I'd recommend getting a SOHO router that can terminate VPN connections and use that.

• What's the best storage solution for a large iLife? RAID? NAS?

  I'm looking for an affordable RAID storage solution for my Time Machine, iTunes Library, iMovie videos, and iPhoto Library. To this point I've been doing a hodgepodge of external hard drives without the saftey of redundancy and I've finaly been bitten with HD failures. So I'm trying to determine what would be the best recommendation for my scenario. Small Home Office for my wife's business (just her), and me with all our media. I currentlty have a mid-2010 Mac Mini (no Thunderbolt), she has an aging 2007 iMac and 2006 MacBook Pro (funny that they're all about the same benchmark speed). We have an AppleTV (original), iPad2 and two iPhone 4S's.
  1st Question: Is it better to get a RAID and connect it to my Airport Extreme Base Station USB port as a shared disk? OR to connect it directly to my Mac Mini and share through Home Sharing? OR Should I go with a NAS RAID?
  2nd Question: Simple is Better. Should I go with a Mac Mini Server and connect drives to it? (convert my Mac Mini into a server) or Should I just get one of those nice all-in-one 4-bay RAID drive solutions that I can expand with?
  Requirements:
  1. Expandable and Upgradeable. I don't want something limited to 2TB drives, but as drives get bigger and cheaper I want to easily throw one in w/o concerns.
  2. Simple integration with Time Machine and my iLife: iTunes, iMovie, iPhoto. If iTune's Home Sharing feature is currently the best way of using my media across multiple devices then why mess with it? I see "DLNA certified" storage on some devices and wonder if that would just add another layer of complexity I don't need. One more piece to make compatible.
  3. Inexpensive. I totally believe in the "You Get What You Pay For" concept. But I also realize sometimes I'm buying marketing, not product. I imagine that to start, I'm going to want a diskless system (because of $$$) to throw all my drives into, and then upgrade bigger drives as my data and funds grow.
  4. Security. I don't know if its practical, but I like the idea of being able to pop two drives out and put them in my safe and then pop them back in once a week for the backup/mirroring. I like this idea because I'm concerned that onsite backup is not always the safest. Unfortunately those cloud based services aren't designed for Terabytes of raw family video, or an entire media library that isn't wholey from the iTunes Store. I can't be the only one facing this challenge. Surely there's an affordable way to keep a safe backup for the average Joe. But what is it?
  5. Not WD. I've had bad experiences with Western Digital drives, and I loathe their consumer packaged backup software that comes preloaded on their external drives. They are what I meant when I say you get what you pay for. Prettily packed garbage.
  6. Relatively Fast. I have put all my media on an external drive before (back when it fit on one drive) and there's noticeable spool-up hang time. Thunderbolt's nice and all, but so new that its not easily available across devices, nor is it cheap. eSata is not really an option. I love Firewire but I'm getting the feeling that Apple has made it the red-headed step-child of connections. USB 3.0 looks decent, but like eSata, Apple doesn't recognize it exists. Where does that leave us? Considering this dilemma I really liked Seagate's GoFlex external drives because it meant I could always buy a new base and still be compatible. But that only works with single drives. And as impressive as Seagate is, we can't expect them to consistently double drive sizes every two years like they have been -cool as that may be.
  So help me out without getting too technical. What's the best setup? Is it Drobo? Thecus? ReadyNAS? Seagate's BlackArmor? Or something else entirely?
  All comments are appreciated. Thanks in advance.

  I am currently using WD 2TB Thunderbolt hard drive for my iTunes, which i love and is works great.  i am connected directly to my Mac Book Pro. I am running low on Memory and thinking of buying a bigger Hard drive.  My question is should I buy 6TB thunderbolt HD or 6TB NAS drive to work solely for iTunes.  I have home sharing enabled for my Apple TV 
  I also have my time capsule connected just as back up only.   

• What's the best overall solution for managing books and eBooks?

  I have a lot of eBooks (in .mobi and PDF format). I'd like to find a solution (software/system/scheme) such that
  1) The actual content syncs to several devices (Mac, iPad, iPhone) and can be read even when network is not present.
  2) There is a searchable, convenient database of what books are there.
  3) The database can be added to by barcode scanning the ISBN tag
  4) Some entries in the database are linked to full content. That is, I'd enter books that I have in electronic format, but also books from my library that exist only in paper form.
  I'm looking for a total solution to manage all my books - list them all, plus enable ready access to the content for the ones I have. I'd like to have it sync to several devices. What's the best system - anyone have it set up like this? What's the best reader, database app, and way to hang it all together (with iTunes?). Thanks in advance,
  Mike

  I am currently using WD 2TB Thunderbolt hard drive for my iTunes, which i love and is works great.  i am connected directly to my Mac Book Pro. I am running low on Memory and thinking of buying a bigger Hard drive.  My question is should I buy 6TB thunderbolt HD or 6TB NAS drive to work solely for iTunes.  I have home sharing enabled for my Apple TV 
  I also have my time capsule connected just as back up only.   

• Arranging fields in a table-like form: best-Practice-Solution wanted

  Hello Experts,
  I´m wondering if there exists a 'best practice' considering how to arrange fields in a table-like form.
  I know about cross-tables, but that´s not what we need. Most of the requirements that I have come to known are just that certain fields should be put in a certain order in a table-like outfit.
  We have tried to do this using the drawing functions (e.g. putting a square around the fields and certain border styles), but it often happens that the lines overlap or there are breaks between the lines, so that you have to do a lot of manual configuration with the 'table'.
  Since this is a requirement I´ve come upon with many reports, I can´t believe that this is supposed to be the best solution for this.
  I don´t understand why there isn´t a table-like element in Crystal Reports to use for this. E.g. put a table with x rows and y columns in the header or group head section section and then just put the fields in it.
  Many thanks in advance for your help !

  Hi Frank,
  You can use build in templates available in Template expert.
  Click on Report menu-> Template Expert.
  Select the desired template. ( Table grid template would suite best here) and click OK.
  There is no facility of inserting a table directly as you said. You will have to do it manually by using lines and boxes.
  Hope this is helpful.
  Regards

• Third Party VPN Solution - Private/Dynamic Addressing

  I am looking for a solution for the following:
  I need a to bring up sites in remote locations that don't have access to Cisco gear. I would like to be able to grab a PC or Linksys or equivalent and bring up a site to site VPN with a Cisco router.
  The Internet connectivity at these locations typically is using dynamic, private addressing.
  I am aware of the DMVPN solution but again this would require Cisco gear at the remote site.
  We have Cisco gear at the Head End.
  Does anyone know of a model of highly available cheap hardware or a software package that can be loaded onto a PC to accomplish this?
  Please advise.
  Thanks!

  We are looking for a site to site model. I want all the devices on the remote network to be on their own subnet. We need to be able to hit individual remote devices from the head end. The devices at the remote site in turn also need to be able to communicate with each other without having to use the VPN.

• Best Practice / Solutions for using 11g DB+x86 or Small Computer to build iaas/paas?

  My customer wants to build their own iaas/paas using Oracle 11g DB, plus x86 or other small computer, running Linux or Solaris or Unix OS.
  Oracle Exadata is not feasible for them to use currently.
  Customer wants to know whether there are other customers have implemented their cloud solution based on these or not?
  If yes, would like to share the experience, presentation slides, best practices etc.
  Is there an Oracle email DL for asking this kind of question?
  Thanks,
  Boris

  Like Rick, I'm not aware of a specific "cloud implementors forum". Internally, Oracle has lots of material on implementing cloud, using any platform at all, although obviously we feel Engineered Systems are the most cost-effective solution for many customers. Are you interested in IaaS i.e. virtualised hardware, or PaaS i.e. DBaaS? They should not be confused, neither is required for the other, in fact, using IaaS to implement "DBaaS", as the OpenStack trove API attempts to do, is probably the most counter-productive way to go about it. Define the business-visible services you will be offering, and then design the most efficient means of supporting them. That way you gain from economies of scale, and set up appropriate management systems that address issues like patching, security, database virtualisation and so on.

• Best email solution for the iPhone

  After having messed with this since Friday, I've concluded that GMail is the best solution for iPhone email as of today. Let me explain.
  Yahoo Push would be the best if I could specify a different reply-to address. As it stands now, having my emails come from a @yahoo.com address is not acceptable. It seems Yahoo IMAP is the only IMAP that supports push (a marketing decision apparently moreso than a technical one), so push is out until Yahoo or Apple come to their senses.
  AT&T is not offering any email options through their service. I used to have mymmode email but that was years ago, and cingularme is down for some reason. Apparently AT&T wants your money for your voice business, but take your email needs elsewhere.
  Enter GMail. IF you configre GMail using the GMail option on the iPhone, it forces a @gmail.com address too. However, you can use the Other option and configure using the GMail incoming server (pop.gmail.com), and you can specify the user name ([email protected]) but a different address ([email protected]).
  Now, this seems to work only if you use an outgoing server OTHER than GMail's (smtp.gmail.com). During my testing I sent an email and it seemed to come from [email protected] even though I had specified a different address in the Address field. I did not test much as I have another outgoing email option.
  As I have Verizon FIOS at home, I can use my outgoing.verizon.net server authenticating using my Verizon.net address. The added bonus here is that it works in either WiFi or Edge, as Verizon's server doesnt care where you are as long as you authenticate.
  My email IDs are overrun with SPAM and GMails SPAM filters are excellent. this has the added bonus of cutting down on unwanted email on the iPhone.
  Thoughts?

  I am essentially doing the same thing for my Exchange account, which SMTP server can't be reached while off of the campus. I use AT&T's own SMTP server for wireless (cwmx.com, I think), and it doesn't change my From: address, so it shows as though I sent it from my campus's Exchange server. Very handy indeed!

• Best Backup Solution for WAN

  What is the best -according to you- failover WAN solution for hub-and-spoke design network, the central office and all the other sites (10 total) will be within 50 miles, has anyone been faced with same decision making issue? Primary circuits will be PPP T1's, what about the secondaries? Thanks much in advance!

  If you can afford other dedicated T1s, of course use T1s. If you can't afford T1s, use dial on demand, for example ISDN(BRI/PRI). You really need to assess the amount of data that need to be sent over the backup link.
  Regards,
  Jing

• Best Practice Solution with 2 Internet Connections

  Good day everyone,
  We used to have single ADSL connections at our clients that provide the internet connection for the network. We have recently partnered up with a Fiber provider and are slowly busy rolling out Fiber connections at our clients. We are also offering redundancy
  with the ADSL connection as a back up for the Fiber connection.
  I would like to know if anyone has suggestions as to what would be the best practise configuration on various Windows Server platforms to make this possible? The idea is that if the Fiber connection fails (for whatever reason) that the ADSL connection takes
  over. This must be an automated process.
  I am open for any form of suggestions.
  Thanks for your time.
  Rudi

  Hi,
  Our current solution is to have to NICs and have both connect to the server. They then have 2 different IPs and we have the DHCP give out the IP as the gateway. The only problem with that is that we cannot control the automated change of gateway IP if the
  main connection fails. 
  We are also willing to look into other hardware solutions that could control this.
  Regards,
  Rudi