Looking For a New VPN (ZeroTier)
-
I would like to upgrade the Windows Server RRAS/VPN that I am currently using to give remote access to our network resources.
I was considering using the VPN that is built into our Palo Alto firewall, but @scottalanmiller suggested ZeroTier to me, so I decided to take a look at it. It looks pretty sweet, but I've come across one issue with it, in that it is not what I like to call "on-demand".
Our current system is not generally used as an all-the-time VPN. Users connect to it when they are outside of the building, do their work, and then disconnect when they are done working. I've only started playing with ZT, but it seems like it is always on, and also needs Admin access to adjust.
Generally when outside the office our users are either using their work laptop, or a home machine. Some of the users (mainly executives) also use that laptop for stuff at home we might block here at work. I understand that using home machines, and not sending traffic on work machines through the corporate firewall are generally considered unhealthy business practices. And probably not something a lot of you dabble in. But, it is just part of the culture of our company, and I am not looking to change that ATM. I'm really just looking for a way to modernize what we are currently using. Hopefully this doesn't fall into the "home media server with RAID" level of question.
So, any thoughts anyone has would be appreciated. Or if I am thinking about ZT all wrong, let me know.
-
@BRRABill said:
I understand that using home machines, and not sending traffic on work machines through the corporate firewall are generally considered unhealthy business practices.
We do, I'm here for ya man. Our only consolation is getting paid to fix all the messes they make.
-
@MattSpeller said:
We do, I'm here for ya man. Our only consolation is getting paid to fix all the messes they make.
It's really not a terrible scenario. We are very small, and it works out pretty well for everyone.
Would it work for everyone here on ML? Of course not, but it works for me.
Though slowly I am moving stuff to the world of "best practice" as I can.
-
@MattSpeller said:
P.S. That picture is a little creepy, LOL.
-
@BRRABill said:
@MattSpeller said:
We do, I'm here for ya man. Our only consolation is getting paid to fix all the messes they make.
It's really not a terrible scenario. We are very small, and it works out pretty well for everyone.
Would it work for everyone here on ML? Of course not, but it works for me.
Though slowly I am moving stuff to the world of "best practice" as I can.
Yeah same story here but we're moving in the opposite direction.
"High performance people require high performance tools"
Which apparently translates to "let them do whatever the (@*#% they want"
-
@BRRABill said:
@MattSpeller said:
P.S. That picture is a little creepy, LOL.
So are home machines on the LAN
-
The point of ZT is to be "always on" so that Laptop users don't really even have to think about turning it on. And like everyone else, I think home machines on a corporate network are scary.
-
I have been working with Minion Queen and she let me know about your post. I think we might have exactly what you are looking for in our newest product from Golden Frog. With VyprVPN Server you can deploy an entire VPN network within minutes, have access to our modern client apps, and securely protect those internal resources.
We’d like to offer you a free account to try VyprVPN Server and get you upgraded as quickly as possible! You can email me directly [email protected] and I can help you get that setup.
-
@Austin_GF Are you based in Panama? The golden frog is their emblem.
-
Golden Frog isn't based in Panama, but the story behind our name is
Our Co-Founders / Co-CEOs Ron and Carolyn Yokubaitis were Peace Corps volunteers in Brazil during the late 1960’s. After their service in the Peace Corps, Ron and Carolyn spent time travelling in Central America. Along the way, they stopped in Panama where they visited the Golden Frog Coffee Bar — a popular spot for travelers. Fast forward to 2008, when they returned to Panama for the Latin American Internet Conference, and wondered if Golden Frog Coffee Bar was still around. The coffee bar was no longer in business, but they were excited to learn, as you mentioned, that the Golden Frog is the national animal of Panama. Even better, they learned that the Golden Frog also has a very unique way of communicating with other frogs – it waves to them! This is why our company was branded as Golden Frog, and why our logo is always waving
-
Golden Frog monument near El Valle, Panama when I spent last summer there.
-
Here is my family at the monument with a view of the mountains in the background. We liked Panama a lot. (I have two kids, one was pouting and refusing to be in the picture.)
-
@Austin_GF said:
First of all, welcome to MangoLassi!
Second of all, thank you for not calling my network setup creepy. But I'm not judging anyone else here. Most of whom have already called my network creepy.
Third of all, I will shoot you an e-mail.
-
@scottalanmiller said:
Here is my family at the monument with a view of the mountains in the background. We liked Panama a lot. (I have two kids, one was pouting and refusing to be in the picture.)
Did she take the picture at least?
-
@Austin_GF said:
offee bar was no longer in business, but they were excited to learn, as you mentioned, that the Golden Frog is the national anim
I think for your situation, you should just use the Palo Alto as you mentioned in the OP. You've already paid for it, it gives you the On-Demand option you want.
-
Wow - I didn't realize how beautiful Panama is! I've been to a few places in South America, but haven't been able to explore Central America yet. Looking at your picture I can see why our founders decided to stick around for a while!
-
@Austin_GF Does VyprVPN have a gateway feature to allow devices that aren't able to run an app become accessible to VPN clients?
-
Tucker from Golden Frog, here.
At this time VyprVPN Server does not have this as an option, however, this feature is planned for a future release. I'd really like to get you engaged in our feature planning! If you'd like to try the current version of VyprVPN Server, message me at [email protected]. Thanks!
-
@Tucker Thanks but I am currently using Pertino and its gateway feature. I have had a rough go of it from the start but things are looking up. I have some ShoreTel voice switches that I need to provide access to remote users for "softphone" capabilities so not having the gateway makes it a no-go for me. I will be checking in from time to time though.
-
@wrx7m no problem! If you're ever interested in the future, reach out to us.
