![]() ![]() Ah, ShrewSoft looks like a great contender, and the type of thing I was looking for when I posted (that, and to be told whether I was incorrect, and to rant). I haven't had a chance to test it myself but it looks like it might be a good thing. Quote:Originally posted by Paladin: ShrewSoft VPN Client. Which is kind of interesting and terrifying at the same time - View image here: - Windows 7 Enterprise features explained Lastly, i read about some neat feature in Windows 7 and win2k8 R2 that is supposed to allow an always on connection back to corporate without a VPN client. Running mine on Vista X64 with no issues. They've continued to add functionality into the client. That all being said, we've had no problems with the SSL VPN and the client is great. Eventually, i figure, SSL VPN is going to be a standard and it will be free. What also sucks is if you cluster your ASA (which is common in the enterprise), you need to buy SSL VPN licenses for EACH ASA. but I agree, those SSL VPN licenses were kind of expensive. Now, cisco does it a little better and charges for concurrent usage. So, in principle, I agree with M.Jones.However, Cisco, Juniper, F5, etc, all the major players charge per user for SSL VPN. In theory it's a good system, in practice, most people have either made the grid their wallpaper, or have a printout of their grid taped to their laptop. The grid points change each time we log onto the VPN. ![]() When our domain credentials are passed on as accurate to the VPN concentrator we are then asked for 3 grid points as a second level of authentication. ![]() We are all assigned a unique grid setup with letters and numbers in each coordinate point. I'm familiar with two-factor auth via a OTP, but what are grid coordinates? Some quick googling gave me plenty of info how geometry and how to read a map, but not much relating to VPNs - View image here:. I'd rather pay someone else than pay Cisco extortion fees, but free or open source would be best. I don't see any GUI freeware or open source clients. Sure, there are circumstances where SSL VPNs are the right tool for the job, but not for us and I have absolutely no intention of changing to a proprietary solution nor to changing to per-user licensing, much less paying Cisco extra for those per-user licenses that I don't need nor want.Looking around, it seems like Windows users are using other L2TP over IPsec clients, such as the commercial NCP universal IPsec client or a Win32 port of the open-source VPNC, compiled under Cygwin. This won't work with PIX devices and this won't work with ASAs that don't have the extra-cost SSL VPN licenses (ASAs have unlimited L2TP over IPsec connections, and L2TP over IPsec is quite interoperable between clients and servers).Looks like Cisco is trying to lock everyone into a proprietary solution, and then charge more per-user for the privilege. The issue is that, AFAICT, An圜onnect is Cisco-proprietary SSL VPN only. They're essentially saying that An圜onnect is the only way 64-bit Windows is going to be supported. I see that for 64-bit Windows, Cisco says to use their An圜onnect "next generation" VPN client. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |