Re: Gig Throughput on IPSEC
On second thoughts, thinking about this I am probably looking for some kind of Layer2 encryption devices. This will make things a lot easier for the deployment. Any experiences, thoughts on these types of devices, would be much appreciated. Adel On Wed 9:25 AM , adel@baklawasecrets.com sent: Hi, I have a requirement to encrypt data using IPSEC over a p-t-p gig fibre link. In the past I've normally used Juniper to terminate VPNs, as I have found them excellent devices and the route based VPN functionality very useful. However looking at their range, only the ISG will do a gig of IPSEC. I'm leaning towards keeping my exising Juniper SSG550's for firewall/routing capability at each site. Then having a separate encryption devices to handle the site-to-site vpn requiring the gig throughput. Does anyone have any suggestions on devices to use? Adel
You can run L2TPv3 (available on IOS routers) between sites, not sure about the throughput though. On Wed, Nov 11, 2009 at 2:01 AM, <adel@baklawasecrets.com> wrote:
On second thoughts, thinking about this I am probably looking for some kind of Layer2 encryption devices. This will make things a lot easier for the deployment. Any experiences, thoughts on these types of devices, would be much appreciated.
Adel
On Wed 9:25 AM , adel@baklawasecrets.com sent:
Hi,
I have a requirement to encrypt data using IPSEC over a p-t-p gig fibre link. In the past I've normally used Juniper to terminate VPNs, as I have found them excellent devices and the route based VPN functionality very useful. However looking at their range, only the ISG will do a gig of IPSEC. I'm leaning towards keeping my exising Juniper SSG550's for firewall/routing capability at each site. Then having a separate encryption devices to handle the site-to-site vpn requiring the gig throughput. Does anyone have any suggestions on devices to use?
Adel
On second thoughts, thinking about this I am probably looking for some kind of Layer2 encryption devices. This will make things a lot easier for the deployment. Any experiences, thoughts on these types of devices, would be much appreciated.
You could use OpenVPN, but that would be cheating. 8-) -- Florian Weimer <fweimer@bfk.de> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
participants (3)
-
adel@baklawasecrets.com
-
Florian Weimer
-
Jian Gu