VPN solutions for business.

I'm looking for recommendations for a rock solid road warrior VPN setup. I've got OpenVPN on PFsense working and it seems that it's not supported from either Android or IOS out of the box... Roughly 30 users will be using it with ~10 concurrent max.

OpenVPN on PFsense is my solution for site-to-site but I need something that works well, takes little ongoing maintenance, and can be deployed quickly for user access. Needs to work on XP, W7, Linux, Android, and IOS. I'm not against rolling out another small server of a different distro that can work alongside PFsense for this purpose. Thanks for your input.

edit: Is Windows 2008 R2 VPN solution considered secure? I haven't considered a Windows based VPN before.

Cisco ASA fits all but the Android requirement. Rock solid. Once its set you never have to touch it.

I'd go with a dedicated VPN appliance to handle those loads...it will give the end users optimal performance.

I'd also go for SSL VPN....IMO SSL VPN is where it's at....screw clunky old IPSec clients or even older PPTP VPN. SSL is such a breeze.

I like Junipers SA series appliances....their support is great, they are rock solid devices with fantastic performance. Set up end users 'n clients once....and forget about them...rock solid stuff!

http://www.juniper.net/us/en/products-services/security/sa-series/#products

Android, CrApple iJunk....they have a mobile client for them.

http://www.ebay.com/itm/Cisco-VPN-3...t=US_Firewall_VPN_Devices&hash=item3a7936bf5c

Old 50mbit cisco vpn concentrator. $75 doubt find anything cheaper, unless you use a server you already have.

Specs:
http://www.cisco.com/en/US/prod/col...s2284/product_data_sheet09186a00801d3b56.html

I snagged a 3060 on ebay few months back for $300, office needed something bigger than 3006 model (3mbit) they were using, and didn't want to pay $2000+ for an upgrade, and I didn't feel like having to figure out the config conversion.

I could also recommend a cisco pix 515e (with unrestricted license & encryption card), I picked one up for $120 on ebay, upgraded the processor (
Intel Pentium III 733Mhz Socket 370 Processor SL3XY) and memory to 512mb for $25... I use that at my home, but I have no idea what mbit rate it can handle, not much as I have VAC and not VAC+.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheet09186a0080210cd9.html
BUT the concentrator is much easier to use and has the option for redundant power supply.

+1

Juniper SA for this job

Sonicwall, Juniper or Cisco are the top 3 that I know of that can make this happen easily using an SSL vpn based solution if your stuck on keeping it all SSL.

Personally - I'd just use the pFsense ipsec that's built in for these devices. Setting it up should be a one time event (takes about 3 minutes) for each client.

I think the biggest limitation is for the IOS support and using SSL as you're pretty much limited to whatever is supported in the appstore to make this happen unless you have jail broken devices.