[ previous ] [ next ] [ threads ]
 
 From:  Chet Harvey <chet at pittech dot com>
 To:  Jean-Francois Theroux <jftheroux at privalodc dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Maximum IPsec tunnels?
 Date:  Fri, 17 Dec 2004 16:50:03 -0500
IPSec is really a function of the system encrypting and decrypting. I assume
these will be static tunnels and not PPTP or Roaming connections. this also
looks like you are talking a "spoke" style mesh which means one m0n0 will also
be routing all traffic. (I.E. the m0n0 spoke is M0n0A and sites M0n0B and M0n0C
will talk to resources on M0n0A and also be able to talk to each other)

I would say that m0n0 could handle 50 static tunnels on the right hardware. A P4
with a decent amount of RAM would suffice but yeah adding a hardware crypto
would buy you a lot more stability.

Anyone deploy this large a "spoke" infrastucture w/ m0n0's?
 
Chet Harvey
Pitbull Technologies <http://www.pittech.com/> 
Protecting your Digital Assets
703.407.7311


Quoting Jean-Francois Theroux <jftheroux at privalodc dot com>:

> Hello,
> 
> 	We have to deploy for a client a VPN solution for all their sites. 
> After demonstrating m0n0wall to them, they fell in love and want to use it.
> 
> 	So my questions are as follow:
> 
> 	1. How many tunnels is it possible to have? Their setup is this, 	 
> they have a central office, which would have a main VPN 			   'hub', and 
> around 50 tunnels to 50 differents other offices.
> 	   Would m0n0wall be able to handle that kind of traffic?
> 
> 	2. If answer is yes to question 1, what kind of hardware would 			 
> you guys suggest? I was thinking something like a pentium 4 			   with 2 
> gigs of RAM. Maybe with a hardware crypto card also.
> 
> Thanks in advance,
> 
> -- 
> Jean-Francois Theroux
> Systems administrator
> 514.726.3732
> PrivalODC
> http://www.privalodc.com
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>