Router/Firewall for 2 Public IP addresses and supports VPN - on a budget

RDK45

Nov 25, 2012
We have a small office setup (two office PCs and three servers) which currently has access to the Internet via an old Cisco 2620 IOS 12.0 firewall/router via two public IP addresses. We have two public addresses as we have split the servers, one on address A and the two others on address B. That is all working fine!

However, we would like to also get VPN access to the office from home. As far as I can tell, our Cisco 2620 unit does not support VPN unless we upgrade the IOS to 12.4T, which, since our unit is old and not on any kind of service contract, is basically impossible unless we want to spend lots of money with Cisco.

Can anyone recommend a more current firewall/router which will accept two public address internet connections and will provide VPN access on one of those addresses, AND will not "break the bank"?

Thanks...RDK
 
Solution
I suspect unless your internet connections are very small a 2620 will die trying to run VPN. It takes a lot of CPU power to run VPN. You technically can get VPN on some versions of 12.0 software but it is still a different firmware you technically need to pay Cisco for.

If you are getting your internet via a T1/E1 type of line then you will still need an actual router. You may want to keep the 2600 and use it as a bridge to terminate the lines and pass them to another device via the Ethernet port using VLANs.

If you are getting Ethernet-based internet I am surprised you kept the 2600 as long as you did.

As mentioned, Juniper makes very inexpensive firewalls that can do this. Since you don't seem to mind very old equipment you can get NetScreen gear really cheap. After Juniper bought them the ones with only NetScreen labels got very cheap. Juniper has moved most of their firewalls to the Junos software. Many people still say the NetScreen was better.

The really nice thing about commercial firewalls is they will tell you the actual rates that you can expect running VPN software. They are of course trying to get you to buy ones with VPN accelerator chips but it is better than many brands that give you some magic maximum number you can never actually get.

Rereading your post... if you mean you want end-client-based VPN for incoming sessions, that is a very different requirement. You can of course manually set up IPsec but if you want something like SSL VPN or lots of clients you need a very special device to do that. The Cisco 2800 series has some ability and I forget if they also do it on the newer 2900. Cisco really pushes you to buy an outrageously expensive server appliance... works really well, just very expensive.