Meraki MX series?
I don't like the way they do their licensing (your license runs out, the box is a paper-weight) but they do really well at establishing site-to-site VPNs in some pretty challenging scenarios. Dynamic IPs and NATs don't really cause them a problem. Some CGNats do (AT&T I'm looking at you).
-----Original Message-----
From: "Keith Stokes" <>
Sent: Thursday, February 10, 2022 1:11pm
To: "William Herrin" <>
Cc: "" <>
Subject: Re: VPN recommendations?
Pfsense on Netgate appliances?I’ve used several of them, while not for this exact purpose they have done the roles but maybe not the amount of VPN traffic.
--Keith StokesSalonBiz, IncHi folks,Do you have any recommendations for VPN appliances? Specifically: I need to build a site to site VPNs at speeds between 100mpbs and 1 gbit where all but one of the sites are behind an IPv4 NAT gateway with dynamic public IP addresses.Normally I'd throw OpenVPN on a couple of Linux boxes and be happy but my customer insists on a network appliance. Site to site VPNs using IPSec and static IP addresses on the plaintext side are a dime a dozen but traversing NAT and dynamic IP addresses (and automatically re-establishing when the service goes out and comes back up with different addresses) is a hard requirement.Thanks in advance,Bill Herrin