> > (your license runs out, the box is a paper-weight)
Should be a hard no for anyone purchasing network equipment anyways, but people have reasons I guess. On Thu, Feb 10, 2022 at 1:19 PM Shawn L via NANOG <nanog@nanog.org> wrote: > Meraki MX series? > > > > I don't like the way they do their licensing (your license runs out, the > box is a paper-weight) but they do really well at establishing site-to-site > VPNs in some pretty challenging scenarios. Dynamic IPs and NATs don't > really cause them a problem. Some CGNats do (AT&T I'm looking at you). > > > > > > Shawn > > > > -----Original Message----- > From: "Keith Stokes" <kei...@salonbiz.com> > Sent: Thursday, February 10, 2022 1:11pm > To: "William Herrin" <b...@herrin.us> > Cc: "nanog@nanog.org" <nanog@nanog.org> > Subject: Re: VPN recommendations? > > Pfsense on Netgate appliances? > I’ve used several of them, while not for this exact purpose they have done > the roles but maybe not the amount of VPN traffic. > > -- > Keith Stokes > SalonBiz, Inc > > On Feb 10, 2022, at 12:02 PM, William Herrin <b...@herrin.us> wrote: > > Hi folks, > Do you have any recommendations for VPN appliances? Specifically: I need > to build a site to site VPNs at speeds between 100mpbs and 1 gbit where all > but one of the sites are behind an IPv4 NAT gateway with dynamic public IP > addresses. > Normally I'd throw OpenVPN on a couple of Linux boxes and be happy but my > customer insists on a network appliance. Site to site VPNs using IPSec and > static IP addresses on the plaintext side are a dime a dozen but traversing > NAT and dynamic IP addresses (and automatically re-establishing when the > service goes out and comes back up with different addresses) is a hard > requirement. > Thanks in advance, > Bill Herrin > > -- > William Herrin > b...@herrin.us > <https://bill.herrin.us/> > https://bill.herrin.us/ > >
