Monday, March 15, 2021

Recommendation for edge FW with OpenVPN support

I run a small to medium-sized business with a handful of sites; about 10-20 users per site and a handful of OpenVPN clients (per site). About 3 years ago I deployed Cisco RV325s, which was not a good idea. They are now approaching EOL and need to be replaced. The RV325 has been a huge headache. The configuration interface is terrible, VPN support is limited, and I just found out today that in the most recent firmware version (released to fix yet another vulnerability), the system config database is now broken so that VPN client certificates can no longer be added without downgrading the firmware and wiping the device.

So, I am looking for recommendations for a newer edge device having ~1 Gbit throughput capability, reasonable firewalling & logging features, and IPsec support (for tunnels to AWS). We use basic NAT but no other routing protocol support is required. We run these devices as edge between telco CPE and our network, so switch ports and wireless are unnecessary. The RV325 has OpenVPN built in, although it only supports MD5, which was removed from the client in Version 3. So, having an OpenVPN server built into the device is a nice-to-have, but there's no reason I can't deploy OpenVPNAS on AWS and tunnel back from an instance. All of my experience is (1) 10 years ago, and (2) with enterprise devices (Cisco, Juniper) and not "small business" class routers... so I don't know where to look. A 1-2-year-old product is fine as long as I can get 2-3 years of support for it. Any ideas/suggestions would be really appreciated, especially if there is something you are already using and are happy with.

TL;DR RV325s are garbage; help me find something better.


