Improved security, but avoiding extra hardware and power

We're currently running IPSec VPNs (tunnel mode) between our various ADSL lines. We'd also like to run some VPNs to our colocated server in Maidenhead.
So for example our current, subnets would be tunnelled for example to and then VLANed on to our server (possibly via a separate cable or pair of cables).

We could use a Firebrick 105 - but they don't do IPSec...

We could buy a 1U or smaller firewall to do this, and we'd also have to pay for the ongoing space, power, ports etc...

Possible Solution:
Could A&A's FB6000s do this for us? We'd be prepared to pay for this service, some £-tens per month (the website says £15.10 for a FB105, it would probably cost us more for our own IPSec/firewall device).

We're using mainly Draytek Vigor 2820s which can do IKE with preshared keys or x509 certificates.

Author: nigelw, 15.10.2010, 10:38

In other words (another user's idea)

End-user firewall filtering on AA's side

I usually maintain a list of blacklisted IP addresses (from SSH bruteforce attacks, IP scanning, etc...), where I just drop all the inbound traffic. It'd be great if I could upload a simple filter, perhaps iptables/ipfw/BPF, to get traffic from these addresses dropped before it even has to cross my ADSL line.

Author: Paul Evans, 22.10.2010, 12:03
Idea status: under consideration


Mellie, 03.04.2017, 20:16
That's cleared my thoughts. Thanks for coiitnburtng.
Mellie, 03.04.2017, 20:17
That's cleared my thoughts. Thanks for coiitnburtng.
Forever, 14.04.2017, 05:14
TYVM you've solved all my prembols
Charla, 15.04.2017, 00:00
People nolmlray pay me for this and you are giving it away! http://fqbmdysu.com [url=http://enbwbabiw.com]enbwbabiw[/url] [link=http://iaycjgqugfr.com]iaycjgqugfr[/link]
Starleigh, 15.04.2017, 17:55
This is crytsal clear. Thanks for taking the time!
Janaye, 17.04.2017, 03:23
This inaormftion is off the hizool! http://hjoeeub.com [url=http://puqrzww.com]puqrzww[/url] [link=http://gbcreji.com]gbcreji[/link]

Leave a comment

Copyright - 2019 Informer Technologies, Inc. All Rights Reserved. Feedback system is used Idea.Informer.com