Deployment / Suggested deployment between two firewalled sites
« on: May 08, 2018, 02:07:18 PM »
I am a network engineer and a customer of mine likes WANOS and is looking for a deployment.
The environment is much more complex than all the examples in the documentation, so I am still wondering what would be a good approach and whether it will even work at all.

The objective is to implement WAN optimization between two sites connected by a long fat pipe (300+ Mbps; 20+ ms latency).
Currently the sites run IPSec VPN.

Now my question is on the actual WANOS appliances deployment. The customer requires virtual appliances.

Attaching a sample topology diagram.

Initially I thought I would deploy the two appliances in Tunnel mode, put their WAN directly on the Internet and totally replace the IPSec on the firewalls.
From my quick research it seems WANOS cannot encrypt the traffic, so this is not acceptable - we should still retain the current IPSec and just use the optimization of the WANOS.

Since it will be a virtual appliance, bridge deployment makes little sense to me, because there are too many VLANs on both sides and VLAN configuration will be very tricky and fragile.
So we're left with router/tunnel mode. Obviously we need to route both directions of the traffic through the appliance - how would you suggest to do that?
Changing the servers' default gateway is not acceptable (critical environment), so are we looking at some sort of PBR?

