this post was submitted on 23 Jan 2024
1 points (100.0% liked)

Sysadmin

12 readers
1 users here now

A reddit dedicated to the profession of Computer System Administration.

founded 2 years ago
MODERATORS
[email protected]
1
VPN appliance for traveling employees? (zerobytes.monster)
submitted 11 months ago by [email protected] to c/[email protected]
0 comments fedilink hide all child comments
 
This is an automated archive.

The original was posted on /r/sysadmin by /u/TheDongles on 2024-01-23 16:31:03+00:00.

We have about 150 employees and about 90 of them work while traveling exclusively. These traveling employees use an iPad managed by our MDM. Being on the road a lot while dealing with some sensitive data, we’d like to implement a vpn so they don’t connect to hotel or airport WiFi all the time unprotected. It’s mostly iPads but there are a dozen supervisors in the mix that have other a Mac or pc. These folks in particular deal with customer and employee data. Most of them are good about using a hotspot on their phone. But it is a complaint they have. Their schedules all vary, so it’s not like all 90 are working at the same time, I would say closer to 50ish at a time max of just the traveling employees

Our director wants to provide a vpn for the traveling employees, but the vpn solutions that I find a really expensive for what we need looking around $5 per user per month. No way I’m getting that approved for 80-90 users considering the other projects slated for this year.

Another thought I had was running a client vpn from our network equipment. Unfortunately this was not in the back of our minds during our WiFi upgrade last year, and our Meraki Mx cannot have that many concurrent tunnels. So my thought is what if we had a separate appliance and it solely just was used as a vpn server? I’ve heard good things about PFsense, and appears pretty reasonably priced equipment.

I know there are downsides to this like reliability, only having one server vs many that a vpn provider could offer. But most importantly, im wondering how heavily the vpn appliance would affect the office users speeds. We only pay for 100mbps dedicated fiber. I’ve noted we’d likely need to up this at some point as we have about 60 users on site a day that do various things from office work to regular app and document downloads that can be 1gb a person.

So my questions are: Is it better to just bite the bullet on a vpn provider?

What kind of bandwidth issues could we hit? Note the folks on the road are downloading regular updates of documents and data that can be a gig or so regularly. Like nearly daily per person.

This is a bit out of my wheelhouse so any and all insights are appreciated.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here