Subcontracting VPN Solutions?

musikit asks: "My company has recently decided that they have too many sites to have people e-mail back and forth requests for forms, and documentation. They would like to find a subcontractor that would set up a site-to-site VPN connect which would allow our system to do all the usual tasks (http, https, webdav, samba, imap, pop3, etc). I have been looking all over for a subcontractor and every search seems to point me to learn more about how VPN technologies work. Has the Slashdot crowd had any experience in subcontracting out a VPN solution? Would anyone care to recommend a starting point for us to find/compare/contrast different VPN contractors?"

Re:Use m0n0wall with an embedded computer.

[fuzzybunny]

M0n0wall is great. Hardware-wise I would strongly recommend a PCEngines WRAP board (WRAP 1D-2) instead of the 4501. We're deploying these on a grand scale, and they are amazingly robust (and cheap--$150-ish.)

As for the M0n0 VPN component, you don't even need static IPs on each end (just on the central location assuming you have a star configuration), as long as it's the branch offices initiating the connection.

Re:Don't do it, buy Netscreens

[matt_wilts]

Totally agree on the Netscreens - started putting them into my company 4 yrs ago & there are no signs of stopping. As the parent poster says, 2 static IPs is all you need (one for the tunnel itself & 1 for external management). You CAN do it with one central system on static IP & multiple remote sites on dynamic IP, but that works for "hub-&-spoke" & we really need fully meshed.
The biggest problem I have is that we've got to the point where the number of devices is becoming unmanageable by manual means, but the management system that Netscreen (now Juniper) sell is not Microsoft based (it's an applicance based on Sun gear). So that won't fly here, more's the pity. We may have to move to Checkpoint to get the MS-based functionality.