Feature

Feature

Supports a wide variety of network operational support and functionality.

  • low-cost, high-quality alternative
  • IPSec
  • IPComp
  • IPsec-encapsulated ethernet bridging
  • high speed data transfer support
  • jumbo frame support
  • 802.1Q VLAN Tagging and Interfaces
  • highly extensible Packet Filter
    • Queuing
    • NAT
    • Layers 3-7 Redundancy
    • Load balancing
    • Layer7 Load Balancing
  • 802.11 access point mode
  • Real-time Failover and State Synchronization


Routing and other Protocol Support

  • BGP
  • OSPF
  • RIP
  • SNMP
  • DVMRP
  • IPv6
  • Netflow

IPSEC

IPsec allows connectivity with any device supporting standard IPsec. This is most commonly used for site to site connectivity to other VPNAC installations, other open source firewalls, FreeBSD, OpenBSD, Linux and most all commercial firewall solutions (Cisco, Juniper, etc.). It can also be used for mobile client connectivity.

PPTP

PPTP is a popular VPN option because nearly every OS has a built in PPTP client, including every Windows release since Windows 95 OSR2.The PPTP Server can use a local user database, or a RADIUS server for authentication. RADIUS accounting is also supported. Firewall rules on the PPTP interface control traffic initiated by PPTP clients.

Authentication

VPNAC supports both local authentication, and authentication via RADIUS enabling authentication against Microsoft Active Directory, or LDAP.

Firewall

Packet Filter aka PF is OpenBSD's system for filtering TCP/IP traffic and doing Network Address Translation. PF is also capable of normalizing and conditioning TCP/IP traffic and providing bandwidth control and packet prioritization. PF is the most advanced firewall available on the planet.

Failover

CARP from OpenBSD allows for hardware failover. Two or more VPNAC devices can be configured as a failover group. If one interface fails on the primary or the primary goes offline entirely, the secondary becomes active. VPNAC also includes configuration synchronization capabilities, so you make your configuration changes on the primary and they automatically synchronize to the secondary firewall.VPNAC ensures the firewall's state table is replicated to all failover configured firewalls. This means your existing connections will be maintained in the case of failure, which is important to prevent network disruptions.

Load Balancing

Inbound

Inbound load balancing is used to distribute load between multiple servers. This is commonly used with web servers, mail servers, and others. Servers that fail to respond to ping requests or TCP port connections are removed from the pool.

Outbound

Outbound load balancing can be acheived via the use of multi homed routing. load balancing and failover capabilities. Traffic is directed to the desired gateway or load balancing pool on a per-firewall rule basis.