| gabriel rosenkoetter on Wed, 26 Sep 2001 09:50:17 +0200 |
|
On Tue, Sep 25, 2001 at 09:40:31PM -0400, Michael Leone wrote:
> Thanks; I still need to work on them a bit, before saying something like
> "Let's NOT use this somewhat exepnsive Pix ... " :-)
> especially when the thing CAN do all I'd need it to do - my problems are
> more political than technical.
Fair enough.
Oh, as far as your dialup users go, have you considered using DDNS,
having tcp_wrappers look at DNS, and having some secure way for the
users to do the DDNS component? (The obvious flaw in this is the
last step.)
As regards VPN through the PIX... what you describe seems like a
patently ridiculous policy. Have you seen if any third party
(cheaper) VPN software speaks to the Cisco and works on ME?
> That would be cool. HOWEVER, you might be surprised at just how many
> managers feel more comfortable knowing that Cisco is *OBLIGATED* to
> answer the phone and help them in a timely manner, especially when it
> goes down. Never mind the yearly maintenance cost. :-)
Sure, but Wasabi makes quite a few livings doing software (involving
a whole lot of esoteric hardware support) for building embedded
machines for plenty of people who would be quite willing to answer
the phone if paid to do so. (Oh yeah, and we supported Intel's
64bit chip first. And, last I heard, we were waiting on AMD.)
The fact that the software is open source doesn't mean there's no
saleable product. :^>
--
~ g r @ eclipsed.net
Attachment:
pgpJKU6nM3TuX.pgp
|
|