1 of 1 people found this helpful
Not sure about PPTP support, but you might want to consider the SonicWALL TZ series.
If these Firewalls do happen to lack PPTP, they make up for it by having L2TP support and a rather nice little SSL VPN service. Configure a 'portal' and enable, connect to portal IP address using a web browser, download "NetExtender" client which then installs itself and sits in the system tray. From then on you fire-up the client whenever required and connect over TCP port 443 (which means roaming users are unlikely to encounter restrictions in hotels and other public hot spots) and away you go. The SSL connections are terminated in their own security zones, so you can control access using Firewall rules, if you wish.
We primarily sell the higher end Sidewinder/Firewall Enterprise appliances and found the SnapGears to be very useful for remote office installations (I even have one at home). But following McAfee's decision to EOL them we looked at potential alternatives and decided to go with the SonicWALLs. While I've only been working with them for about 6 months, the UTM functions (web filtering, AV, etc...) seem to be pretty good as well.
Hope that helps.
We've gone with Alix based PFSense installs for our SMB clients, maybe even a SuperMicro Dual core atom setup if they need more features. PPTP works, OpenVPN works, IPSec works. Once we start getting into more UTM features like proactive scanning and intrusion detection we start recommending Astaro Secure Gateways. More expensive, but the features are worth it.
These look a little "roll-your-own" which we have never done with routers. Do you have a specific recommendation for something like what we're trying to do as an SG310 replacement? We loved the SG setup for our field techs because it was so simple and there were not many options to lead them astray. All the newer units are much more difficult to set up.
Would something like Netgate m1n1wall 2D3/2D13 give us the basic functionality we need:
basic internet router for DSL/T1 hookup with basic firewall protection and NAT
IPSEC tunnel back to home office
PPTP server for inbound VPN connection direct to site
Thanks for your help.
The Netgate appliance works great for what you want. PFSense isn't too difficult to learn, and there's a great book out there if you need extra assistance.