I've already posted this question under routers, and am surprised not to have received any comments yet, so I'm posting here, too. You can pick up some more points for providing any new info at http://www.experts-exchange.com/Hardware/Routers/Q_21339222.html
Please advise on the pros/cons of available Firewall/VPN devices for my network.
Here's my current setup for 50 LAN users and 20 VPN users:
- 2 T1 routers with basic firewalls
- Xincom XC-DPG502 Twin-WAN router
- PPTP VPN handled by Windows 2000 Server
- 1 NIC on the server for Internet
- 2nd NIC on the server for LAN
- All LAN and VPN clients getting DHCP config from server
I'd like to have VPN and DHCP handled by a stand-alone device so I can take my server offline without affecting Internet availability for clients. I’d also like VPN authentication to be handled by Active Directory so I don’t have to keep track of users separately on the VPN device. I’ve looked at CyberGuard, WatchGuard and Cisco PIX devices, as well as cheaper devices like the Linksys RV016. I don’t understand how a $400 device like the Linksys RV016 differs from a more expensive device like a Cisco PIX, for which you have to pay additionally for more than 10 VPN clients.
Also, I’m only using one of my public IPs now, though I’ll need to start using more so I can have multiple web servers. How will that affect my choice of devices?
Also, will an IPSec VPN behave any differently than the PPTP I’m using now?
Thanks in advance.