• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2055
  • Last Modified:

What are good L2TP VPN firewalls for Mac OS X?

Hi Experts,

Do you know what VPN-firewalls/routers work well with Mac OS X (verified as working well)?
I want to set up a VPN router (for a client) that supports L2TP, and we want VPN authentication on the firewall. The Zyxel Zywall USG 100 looks fine, but according to info I found -and answers I got from Zyxel support- there are issues with this particular model and Mac OS X clients.

So my questions are:
1. Do you have experience with the Zywall USG 100 and Mac OS X? If so, is the L2TP VPN connection stable?
2. What other brands/type firewalls would you recommend? It's for a small company, ±10 VPN users and must support L2TP on Mac OS X and iOS.
0
Mac2010
Asked:
Mac2010
  • 4
  • 4
3 Solutions
 
BITS_LACommented:
We have deployed countless Netgear models in both Mac-only and mixed environments with great success. We also use Sonicwalls now and again, but for the money Netgear is great. I would not go with anything below the FVS338, the process is the 318 is not the greatest and it has WAN capacity issues.

We have tested for the following:

FVS338 max WAN 15Mbps/12Mbps
FVX336G and the FVX538 max WAN 64Mbps/42Mbps

Don't by the combo Wifi one.

We use VPNTracker for the VPN, there is also a open source program called IPSecuritas I believe.

Do you have a server in house? There are some apps that can provide the L2TP if you don't have the server OS.
0
 
Mac2010Author Commented:
Thanks! It looks like the Netgear devices you mention do not support L2TP (they support IPsec and SSL VPN). What SonicWall device have you been using? In this situation money is less of an issue than security. That's why I prefer authentication on the firewall/router instead of on the Mac OS X server.
0
 
md624Commented:
Cisco's ASA 5505 is great. Cisco's VPN protocols are directly integrated into both Mac OS X and iOS.
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Mac2010Author Commented:
Do you know if the Cisco and Netgear devices supports clients (like teleworker) who reside behind a public IP adress (home, hotel, small business) and use a private IP address? IE: router has public IP address (like 81.82.3.4) and share this address (NAT) with computers using a private address (like 192.168.1.X).

The Zyxel firewall has a problem with that. I haven't figured out yet if that is to blame on the Zyxel firmware, or on L2TP.

Sorry for the 'newbie' questions. So far NAT and certificates work fine for me, but now I need to get into the VPN stuff more in-depth than I have until now...
0
 
md624Commented:
The Cisco ASA supports NAT traversal. I do not have any experience with Zyxel.
0
 
md624Commented:
Also, if you purchase a support contract with your Cisco device, you will get excellent 24-hour support from Cisco.
0
 
Mac2010Author Commented:
Thanks. I will look into this tomorrow. Do you have experience with SSL VPN? It looks interesting but I wonder how stable the Java applets work.
0
 
md624Commented:
The AnyConnect VPN client from Cisco is stable on all platforms we've tried to use it on, primarily 10.5 and 10.6.
0
 
Mac2010Author Commented:
I checked the routers. The Cisco is the best replacement for the Zyxel I originally had in mind. The Netgear device I'll keep in mind for another job.
As far as I can tell you need IPSec with NAT traversal instead of L2TP. Thanks for helping me out.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

  • 4
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now