September 10, 2009 at 9:02 pm #41912
Does anyone have any real-world statistics/info/capacity on using the net5501 with zeroshell that they’d share?
I have 8 locations that each have a couple of public internet connections and one MPLS connection. Each of these different circuits are of varying speeds. I hope to balance traffic across each of these circuits.
I plan to have lan to lan vpn connections between all sites and each site will support host to lan vpn. Most of the vpn traffic is to our email server which is in one location for all and our ERP system(mainly telnet) which is also in the same location. Each sites has their own local file servers. We will have some voice and video traffic that would ideally be sent site to site only on the MPLS circuits.
Number of clients at each location varies from 20-150. Average is probably closer to 50.
So, my questions are:
1. I think zeroshell is a good fit for what I’m trying to do. Does anyone see any blaring issues that I’ve apparently overlooked?
2. Will I be able to bond/balance vpn traffic with public(internet) and private(MPLS) circuits?
3. Will I be able to prioritize my voice/video traffic and pass it only down the MPLS connection unless it’s down and I have to use the other circuits?
4. Will the net5501 be a good fit for what I’m doing? Enough horsepower? If not, what would you guys recommend? I’m hoping for embedded, don’t want moving parts that fail. 🙂
I’m kind of rambling on but for anyone still reading;
My current setup is:
Cisco PIX for site to site vpn at all sites. I have a proprietary device outside of PIX that all circuits(except MPLS) connect to. This provides load balancing/fault tolerance. I have Cisco vpn concentrator at one site only on one circuit(can’t multihome) for host to lan vpn users.
Due to expensive licensing, age of all devices and somewhat shady business practice of the manufacturer of the load balancing unit, I would ideally like to replace the PIX, load balancing unit and vpn concentrator at each location with one zeroshell box. Does this sound possible?
Thanks for any advice/help you guys can give.September 16, 2009 at 3:02 am #48734
Can anybody give me a quick yes or no on the Soekris for what I am trying to do?
Do I need more horsepower?September 18, 2009 at 2:38 pm #48735
The Soekris will work great at the remote offices, however I would get something more powerful for the main office. From my personal experience VPN decoding is very CPU intensive and running 8 VPN’s might choke out one of those 5501’s.September 18, 2009 at 4:36 pm #48736
Very good. Just what I was looking for. I have my first 2 5501 units that I’m starting to setup and test.
Thanks for the reply.September 18, 2009 at 4:52 pm #48737
Can anyone recommend a good higher end machine for the main office in the above scenario?
I’d prefer no moving parts, fans, etc.. but will probably have to at leave have a CPU fan.
Thanks againSeptember 21, 2009 at 10:14 am #48738
How about a custom made pc, that is fanless, or with a big heat-sink and a slow fan that won’t be heard at all.
Choose a CPU that is not emitting too much heat, such as a Celeron. If you are in trouble with CPU utilization due to VPN tunnels, you can install a crypto accelerator.September 21, 2009 at 2:37 pm #48739
You must be logged in to reply to this topic.