Ken Bantoft wrote:
>
> On Tue, 16 Jul 2002, Jon Molin wrote:
>
> > Hi list,
> >
[snip]
> >
> > His (the partner's) argumentation is basically "we've had problems before
> > with others who wanted other systems, a nortel can be set up in two
> > hours and we'll have it all working". I'm not fully buying this
> > argumentation as we will set the nortel up in four different locations
> > with four similar firewalls and I figure once we get the first working
> > with freeswan it'll be basically just to transfer the config scripts to
> > the other firewalls.
>
> Normal argument "We don't know anything else, so use what we know". After
> using FreeS/Wan for a few weeks, you can set it up in 15 minutes too.
> FreeS/Wan -> Nortel is iffy... It worked at one point using the older code
> (both on Contivity head end and FreeS/Wan) but I don't know about recent.
> I'm using Netlock's Contivity client for Linux remote users, but it's not
> designed to run as a remote office. I've been debating on testing more
> recent stuff, but it's low on my priority list, as I don't ever plan to do
> it for any reason other than "see if it works". If someone was really
> keen on this, I can do the contivity side easily enough, but I'm not set up
> to do the FreeS/Wan side.
>
Do I understand right that FreeS/Wan -> Nortel is big trouble? Because
that's exactly what I need to do... My biggest problem is time; if
there'll be loads of hassle and it'll take a lot of time, my boss won't be
with me as 'time is money'(tm).

> > The system the partner uses is 'Cisco Pix 515 firewall or a Nortel
> > Contivity switch' and as far as I could see in the freeswan docs
> > these are supported, right? The systems they want us to use are three
> > 'Nortel 100s Contivity switch/ firewall' for three low traffic
> > locations and a 'Cisco B2B VPN' for one high traffic location with up
> > to 11 concurrent sessions.
>
> I use FreeS/Wan, Nortel and Cisco VPN tech. @ work. The one I have the
> least amount of trouble with is the FreeS/Wan. Setup, and forget it.
> I've got 4 Contivity 2600's, but I only use them for remote workers, not
> remote sites. The Cisco's are used for business partners with the same
> attitude as yours... "Cisco or nothing", so I jam them into a little 1720
> and then run all the traffic through a firewall.
>
I trust you on that one. I'm no fan of cisco and their 'you need a
license for every little function you might wanna use' attitude.

> > Will it be hard to set up? Will a P2 350 be enough for our 10Mbit
> > connection? Can you add some arguments for me?
>
> Depending on the # of tunnels, probably. See docs/performance for
> details.
> >
> > Unfortunately I don't have the last say; if they go NO I'll have to
> > use their nortel/cisco solution, so I need good arguments.
>
> You've got the main ones... if *you* are stuck supporting it, you'd want
> something you know, and don't wanna spend additional $, since you have the
> equipment in place already.
>
A big problem is initial time and lack of long-term thinking (ever heard
that before?). They don't include maintenance, they just count from
start until one is up and running. Unfortunately, if the initial time is
huge, the chance I'll have my boss's support is pretty low.

/Jon

> --
> Ken Bantoft One Unix to rule them all, One Resolver to find them,
> ken_at_networkoverlord.com One IP to bring them all, and in the zone, bind them.