Disabling External Ping, VPN drops.
- 
 @Dashrender said: How would you encapsulate the traffic from the 400 to the home user's computer? VPNs encapsulate everything on the network. 
- 
 @scottalanmiller said: @Dashrender said: How would you encapsulate the traffic from the 400 to the home user's computer? VPNs encapsulate everything on the network. Yeah.. I know that! other than using an onsite device, say a ASA/sonicwall, etc to terminate the tunnel - how are you getting the traffic into the tunnel in the first place? 
- 
 What's wrong with a device? Once you are at the level of an System i, having a VM with pfSense for VPNs is pretty trivial. 
- 
 But why not use the built in VPN capabilities on the System i box? Not like you can't SSH or stunnel natively. 
- 
 @scottalanmiller said: But why not use the built in VPN capabilities on the System i box? Not like you can't SSH or stunnel natively. I am already using a device for that customer (ASA). This whole thing came up because you can't use my situation and Pertino together. 
- 
 @Dashrender said: @scottalanmiller said: But why not use the built in VPN capabilities on the System i box? Not like you can't SSH or stunnel natively. I am already using a device for that customer (ASA). This whole thing came up because you can't use my situation and Pertino together. That's correct, Pertino is not a traditional VPN but a software defined network that is an overlay to your entire network and does not support System "i" at all (and probably never will, it is a tiny piece of the market.) As System "i" is its own OS and not UNIX in any way, it is very costly to support not only because it is an entirely separate platform but because it is one that costs a fortune to maintain testing equipment and development tools for. 
- 
 @Dashrender said: Yeah yeah... it's a, nope It's an AS400! The unit is from 1998 I think, but it could be older. Holy cow. I threw out my top of the line AS/400 from 1999 many years ago. Sent it to recycling!! That was my personal one. It was eleven rack units. Took two box trucks to move it. 
- 
 @Dashrender said: I am already using a device for that customer (ASA). This whole thing came up because you can't use my situation and Pertino together. Just went back and read the thread to see what the topic was at this point  Yeah, can't use any of those technologies with an AS/400.  Time to move to the century, err, millennium. Yeah, can't use any of those technologies with an AS/400.  Time to move to the century, err, millennium. 
- 
 @Dashrender said: @scottalanmiller said: But why not use the built in VPN capabilities on the System i box? Not like you can't SSH or stunnel natively. I am already using a device for that customer (ASA). This whole thing came up because you can't use my situation and Pertino together. You really can't beat an ASA for VPN. It works so well, and with a variety of clients. Pertino isn't designed to connect a computer to an infrastructure; it's designed to connect individual computers together. For a traditional business, it isn't quite a good fit just yet. If/when the get it set up so that you can connect a computer to your infrastructure, that'll change things for the better. 
- 
 It would be nice to see a VPN/Pertino appliance for say a home network. There are times when you need to hang a printer directly on the network for printing, so the appliance would be nice... but it's really no different than putting ASAs on both sides. 
- 
 @Dashrender said: It would be nice to see a VPN/Pertino appliance for say a home network. There are times when you need to hang a printer directly on the network for printing, so the appliance would be nice... but it's really no different than putting ASAs on both sides. Something like a Sophos RED? 
- 
 @Dashrender said: It would be nice to see a VPN/Pertino appliance for say a home network. There are times when you need to hang a printer directly on the network for printing, so the appliance would be nice... but it's really no different than putting ASAs on both sides. Pertino is looking at that stuff. Because of the full mesh system, gateways are problematic and require a lot of special attention. IP handling isn't trivial. 
- 
 We've spoken about this in another thread, I know it's on their radar. 
- 
 @Dashrender said: We've spoken about this in another thread, I know it's on their radar. Long-term data retention's on Mozy's radar, too. That doesn't make the product any more usable. 
- 
 true, which is why I'm not really even considering them for any of my current solutions 



