Hi,
Need to buy something relatively quick. I need to have multi-factor authentication on a VPN and be able to saturate at least a 100mbps stream with multiple vpn connections. I want multiples of both router-to-router and router-to-workstation connections. I’m not a VPN expert, just know my data needs. Need good encryption.
Here’s my basic layout, hopefully can do all with one device but if 2 devices will drastically reduce cost or increase performance then that’s OK.
- DMZ: Some public access on http and https and maybe a couple other things. Relatively low bandwidth.
- Guest: Internal guests get internet only, no internal access. Probably hooked to a SOHO wireless router. Low bandwidth, no more than 1 or 2 users.
- Basic access: Normal userland network. Possibly high bandwidth with or without VPN, or through workstation-initiated outbound VPN (router is not involved)
- Higher security. Contains servers with limited access from Basic network. Possibly high bandwidth through VPN
- Multi-factor VPN can get anywhere (hooks into vlan 4?)
For transfer between VLANs without VPN (initiated from 4 or between vlans < 3 ) I would need good line rates.
From any vlan 1-3, to get unrestricted access to vlan 4 you would need the VPN.
Can somebody say what hardware is needed for this? It’s a relatively small number of machines inside but they’re servers and we frequently transfer large backups in both directions. Figure a 200mbps connection with mixed vpn/non-vpn traffic, and 6to4 enabled.
I’m hoping for something like a ccr1009-8G* or a ccr1016-12g might do the trick. If something cheaper could do it that’s fantastic, but I need to make a correct decision here.
Thanks.