We currently have 2 sites connected via an EFM link, and an Inty Exoserver at each site with a VPN setup between them.
I am looking to replace these, and I assume 2 smoothwall boxes (SWG-700) will easily be able to replicate this capability.
But we also have a 3rd site which will soon be linked to the second site via EFM, and I would like it connected the same way.
So my questions:
1) Is it possible to have a VPN between 2 sites (call them A and B) and then have a second VPN between one of the sites and a third (C)?
2) If it is, would site C be able to run a Smoothwall Express box? Since there will only be 5 computers and users, it would be overkill to have another SWG-700 there.
for 5 PC's an SWG-700 would be overkill i would have thought, a UTM-300 might be a better option but even then thats going to probably be overkill. It would give you the VPN functionality though i think.....
I'm definitely not the best person to be answering your questions though!
Am sure a Smoothie type person wont be far away with some answers for ya :)
The other option is that depending on your provider they could probably just provide you a private network over the EFMs taking out the need for additional units.
If you have some hardware lying around you could install Advanced Firewall which has all the capabilities of a UTM but it's just a software install.
Indeed... and for VPN you want a UTM box rather than the SWG, but that wont make much difference to you except for..er.. being able to VPN :)
A combination of h/w and s/w smoothies should do it for you. Express is able to do site-to-site VPN, but only in the less secure "PSK" mode of IPSec, although we're talking degrees of security here that probably don't apply ;)