[Novalug] Linux alternative to ISA server

Kevin Chin kevinchin5@gmail.com
Mon Oct 29 15:57:02 EDT 2007


I hadn't heard of Smoothwall before... looks like a decent option though.
Another that might fit the bill is Astaro Security Gateway (www.astaro.com)
- FYI, they make both a hw/sw appliance as well as offer a sw-only version
(based on Linux).  I've installed it in a lab environment in the past and it
was pretty simple, but haven't used it in production.

Anyone used both and can compare?

TTYL.
--Kc


On 10/29/07, Daniel Copeland <daniel.l.copeland@gmail.com> wrote:
>
> Smoothwall, located at http://www.smoothwall.org, may or may not have all
> the features you're looking for.  But Firewalling and VPN is included in a
> super-easy setup that is web-based.
>
> On 10/29/07, Miguel Gonzalez Castaños <miguel_3_gonzalez@yahoo.es> wrote:
> >
> > Hi all,
> >
> >   In our corporate network We have an ISA server running as our
> > corporate firewall and VPN server for about 50 employees onsite and 7
> > offsite permanently, although around 40-60% of people make extensive use
> > of VPN while they are in meetings or in off hours.
> >
> >   The current server is a HP Proliant DL 320 G3 with about 18 Gb of
> > SCSI drive and 1.7 Gb of RAM and a Pentium III
> >
> >   The overall impression is that our VPN is slow and the idea was to
> > replace the server with a bigger one. But I'm really concerned that is
> > not a very fault tolerant way, since We only have one VPN/Firewall
> > server.
> >
> >   I've researched a little bit and I found this:
> >
> >   http://www.jacco2.dds.nl/networking/freeswan-l2tp.html
> >
> >   So apparently We could have a setup similar of VPN and let people not
> > worry of changes of VPN clients (We use the default VPN clients). My
> > concern is that we wanted also Active Directory integration and I think
> > It'd be nice and load balancing options, so We could keep both machines
> > and still be able to work if any of the two machines go down.
> >
> >   The important thing here it would be to be able to manage the
> > redirection rules easily (maybe a web manager?) and integrate the users
> > in the AD structure so We won't have to be creating local users in our
> > Firewall.
> >
> >   I know this is still too vague, but I'd need some rough ideas and
> > someone pointing in the right direction
> >
> >   Miguel
> >
> >
> > _______________________________________________
> > Novalug mailing list
> > Novalug@calypso.tux.org
> > http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
> >
>
>
>
> --
> Daniel L. Copeland
> ACNS
> 7033658283 x106
> Cell (571)437-5497
>
> Please avoid sending me Word or PowerPoint attachments.  See
> http://www.gnu.org/philosophy/no-word-attachments.html
> _______________________________________________
> Novalug mailing list
> Novalug@calypso.tux.org
> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.firemountain.net/pipermail/novalug/attachments/20071029/5697cd9c/attachment.htm>


More information about the Novalug mailing list