[lopsa-discuss] hardware VPN devices for laptops?
Steve Armijo
armijo at subgeni.us
Tue Dec 20 14:09:52 PST 2005

On Tue, Dec 20, 2005 at 03:08:47PM -0600, David Parter wrote:
> > Can you elaborate on the "reconfiguration" problem?
>
> sure. Especially if the laptop in question is at some other location (a
> hotel room, at home, etc), if there is no software component on the
> laptop, then the support staff (especially me!) doesn't have to try and
> talk something through windows configuration menus and debugging on the
> phone.
>
> The idea is that the hardware VPN box plugs in exactly where the
> broadband modem would be -- it looks just like any other ethernet to the
> laptop, no question about routing tables, which virtual interface is up,
> etc. Windows is pretty good now about a "simple" network connection...

It sounds almost like you'd like someone to recommend one of these:

http://www.tomsnetworking.com/Reviews-54-ProdID-USBVPN1-1.php

I haven't used one and while it sounds like it's definitely the right size,
it claims to be Windows only. There also seems to be a somewhat severely
limited support for the corp termination point.

If I were to design some magic box for workers to take home and plug in and
just have it work I'd probably base something on the Soekris platform (
www.soekris.com ). It's a little larger than what you'd want to be carrying
around with you all the time. But for home use they are great. Completely
silent, low heat/power.

> Anyone with positive or negative experiences trying to support such
> devices, or software VPN configurations?

I use the Cisco VPN client for work ( under Linux ) and find it to be very
stable. Others around me use it and have a terrible time. In the past after
lots of grumbling and waving of the appropriate dead chickens I have gotten
FreeS/WAN ( www.freeswan.org ) to begrudge me a connection. Talking with our
IS dept. the general consensus is that the Cisco client is somewhat flakey
but mostly works for Windows and occasionally works for Linux.

As an end user I'm generally in favor of the software route as it's one less
thing to keep track of.

If I had to support it, I'd definitely want something that could be made hands
off.

Have you considered configuring the software to run off of read-only media?

-s