Page 4 of 12 FirstFirst ... 23456 ... LastLast
Results 31 to 40 of 119
  1. #31
    Untanglit
    Join Date
    Mar 2008
    Posts
    21

    Default

    Quote Originally Posted by sky-knight View Post
    I don't grant much sympathy for use of devices that lock you in to the degree that all Apple products do. You bought the things... now you're stuck dealing with them.
    Sorry, but that's a two-way street, buddy. The same can be said for people who bought Untangle, and are stuck with dealing with the fact that it only supports OpenVPN, and no other industry standard VPN.

    Those of us who implemented Untangle for free, and later discovered we needed something other than OpenVPN, may not have quite the financial investment, but we do have an significant investment in time, resources, and frustration. Thanks for blowing us off. Shows how much you don't really give a crap.

  2. #32
    Untangle Ninja mrunkel's Avatar
    Join Date
    Jul 2008
    Posts
    3,040

    Default

    Quote Originally Posted by woode View Post
    Sorry, but that's a two-way street, buddy. The same can be said for people who bought Untangle, and are stuck with dealing with the fact that it only supports OpenVPN, and no other industry standard VPN.

    Those of us who implemented Untangle for free, and later discovered we needed something other than OpenVPN, may not have quite the financial investment, but we do have an significant investment in time, resources, and frustration. Thanks for blowing us off. Shows how much you don't really give a crap.
    You know that sky-knight doesn't work for untangle right? He volunteers his time here for free.
    m.


    Big Frickin Disclaimer:
    While I'm pretty sure, I can't guarantee that I know what I'm doing. There might be a better way to do this, and this way might actually suck. Make sure you understand the implications of what you're doing before trying to follow these directions.

    It often helps troubleshooting if you have a good network map. Look here if you want my advice on how to draw one.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #33
    Untangle Ninja mrunkel's Avatar
    Join Date
    Jul 2008
    Posts
    3,040

    Default

    So to summarize, you want IPSEC to:

    1.) Work with every other vendors IPSEC implementation for site to site.
    2.) Work with Windows, OS X, and linux IPSEC native clients. Oddly, it's the windows one that would be hardest.

    This is a big project. Let me ask you this, would you be willing to pay for this feature if we went and licensed an existing solution?
    m.


    Big Frickin Disclaimer:
    While I'm pretty sure, I can't guarantee that I know what I'm doing. There might be a better way to do this, and this way might actually suck. Make sure you understand the implications of what you're doing before trying to follow these directions.

    It often helps troubleshooting if you have a good network map. Look here if you want my advice on how to draw one.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #34
    Untangle Ninja YeOldeStonecat's Avatar
    Join Date
    Aug 2007
    Posts
    1,549

    Default

    Quote Originally Posted by mrunkel View Post
    So what exactly do you guys want? Site to Site IPSEC? Windows IPSEC client support? Because most IPSEC setups (like monowall) don't support that today.

    Which other IPSEC clients should we support?

    As for PPTP, I don't see that on the roadmap for Untangle, but I'm just one guy here. It's yesterday's technology that didn't provide what it said it should long ago.
    An opinion from an SMB consultant that could increase the amount of Untangle deployments (and thus sales and money for you)...
    My vote...."Site to Site IPSec".

    I could care less about Windows IPSec client support, and I could care less about other IPSec software client support. For remote users, you have your OpenVPN and that's fine. Browser based SSL VPN such as Juniper has in their SSL appliances is great.

    I can live without PPTP VPN, it's not a dealbreaker, although it's nice to have from a support standpoint.

    But back to my point....supporting router to router IPSec VPN tunnels would greatly increase my ability to implement your product in more clients of mine. Just a standard method like Linksys/Cisco does with their RV0 series of routers.

    A lot of us have clients with existing hardware, existing WANs, and they are running on hardware that does the site to site tunnels. If we need to add a new satellite office, or get the opportunity to replace one of the units...we have no means of introducing Untangle, because it lacks IPSec support. Unless we tried to convince the client to replace ALL their appliances with a new fleet of Untangle boxes...and you know how likely that will be to happen!

    I like how PFSense did their VPN, both PPTP and IPSec.....please take a peek at it. It works well with existing hardware at clients sites. Just a middle of the road compatible IPSec system would be great.

    Having site to site IPSec support will REALLY increase our ability to get your product out there in the market you are targeting. By not having this support, IMO you're losing from 30-50% of opportunities.

  5. #35
    Untangle Ninja
    Join Date
    Jan 2009
    Posts
    1,176

    Default

    Quote Originally Posted by mrunkel View Post
    This is a big project. Let me ask you this, would you be willing to pay for this feature if we went and licensed an existing solution?
    I would hope you UT folks would offer ipsec without removing the openvpn option, allowing the install choice of one or the other, ie: clam (free) and kaspersky (paid).

  6. #36
    Untanglit
    Join Date
    Mar 2008
    Posts
    21

    Default

    Quote Originally Posted by mrunkel View Post
    You know that sky-knight doesn't work for untangle right? He volunteers his time here for free.
    Yes.

    Quote Originally Posted by mrunkel View Post
    Is the only issue with OpenVPN support that it isn't available on the iPhone? In what application does the iPhone require vpn support? I'm guessing HTTPS isn't sufficient for these applications?
    No. Read back up in the thread where other users mention that they need to integrate Untangle with existing infrastructure. VPN support on the iPhone needs to be available system wide, as it is with IPSec. That way I can check my locked away servers, workstations, and other stuff (like PC-based lab equipment), using whatever apps on my iPhone that I want.

    Would an Untangle OS X openvpn client setup (like we do for windows) help things?
    At least change the docs to include Viscosity in addition to TunnelBlick (which sucks). Viscosity may be $9 a pop, but it works way better. I've tried both. That still doesn't help if we need IPSec, though.

    The argument that the reports option in Untangle has been worked on since March doesn't make me feel better, since Untangle users and (especially!) potential users have been asking for IPSec/PTPP since, oh, at least 2007 on these very forums. It really, really, really looks like you guys have a beef with any VPN that's not OpenVPN, and Untangle simply refuses to support it for "religious reasons."

    Yeah, I'm one of those whiny freebie users. You can bet your bippies, though, if I had a clue about how to code an IPSec app for Untangle, I woulda done it long ago. Me, though, I just hack Ruby. Sorry I can't contribute.
    Last edited by woode; 10-02-2009 at 08:40 AM.

  7. #37
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,541

    Default

    Hmm it just dawned on me...

    Yes I know I'm slow.

    If the concern on the Untangle side of the fence is the support costs imposed by the IPSec protocol... then make the IPSec module a paid module.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #38
    Untanglit
    Join Date
    Sep 2008
    Posts
    20

    Default

    Quote Originally Posted by sky-knight View Post
    Hmm it just dawned on me...

    Yes I know I'm slow.

    If the concern on the Untangle side of the fence is the support costs imposed by the IPSec protocol... then make the IPSec module a paid module.
    I've read your posts.
    Nothing slow about you buddy.

    How about free basic IPSec, tick boxes for non-standard implementations + money ?

  9. #39
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,541

    Default

    That could work... but from the earlier Dev post it sounds like support for the IPSec module should be a separate thing?

    How far down that road do you travel? At some point it just feels like you're nickle and dimeing people to death.

    I know where they are coming from. With all the protocol and encryption settings involved with IPSec, it really is a mess. Untangle doesn't want to walk that road unless they can do it well. But, on the flip side, doing "well" means limiting the features. Not to mention the network interface limit...

    There is more here that needs to be thought about...
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #40
    Untanglit
    Join Date
    Sep 2008
    Posts
    20

    Default

    Quote Originally Posted by sky-knight View Post
    That could work... but from the earlier Dev post it sounds like support for the IPSec module should be a separate thing?

    How far down that road do you travel? At some point it just feels like you're nickle and dimeing people to death.

    I know where they are coming from. With all the protocol and encryption settings involved with IPSec, it really is a mess. Untangle doesn't want to walk that road unless they can do it well. But, on the flip side, doing "well" means limiting the features. Not to mention the network interface limit...

    There is more here that needs to be thought about...
    Hi.
    Some or most of us are un-initiated to the complexities if IPSec.
    Surely there is a standard for IPSec. Why not implement that and let others be compliant ? If you never get the i@rap market it's their fault.

Page 4 of 12 FirstFirst ... 23456 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2