Author Topic: WAN Acceleration/Optimization over IPSEC  (Read 9384 times)

mta772000

  • V.I.P
  • Full Member
  • *****
  • Posts: 20
    • View Profile
WAN Acceleration/Optimization over IPSEC
« on: April 19, 2014, 02:05:41 PM »
Dear Admin,

Good evening...

Kindly advise our case, we have one HQ with 30Mb Internet, and 4Mb leased line(point-to-point) with one branch, currently we setup WANOS to optimize/accelerate the traffic over the leased line and it is perfect. our management now want to reduce cost by replace the leased line with Internet 8Mb line in the branch (Figure-1).

My question is: can WANOS run over IPSEC Tunnel, or may i need to ask where i need to install WANOS over 7 Mb VPN IPSEC-Tunnel(Figure-2).  what do you suggest ?

Note:
The branch will have 8 Mb internet (dedicate 7Mb for VPN, and 1Mb for Internet), firewall will be Fortinet 100D, and cisco internet router 2911, VPN will be established over Fortinet firewall and not on cisco router

Thank you.
Kindest Regards,
Muhammad T. Hamed

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 629
    • View Profile
Re: WAN Acceleration/Optimization over IPSEC
« Reply #1 on: April 19, 2014, 03:33:33 PM »
Hi,

Yes, sure, based on figure 2, one of the places that will work is between the Fortigate and the Cisco switch. It can be either physically inline, or virtually inline with some VLAN configuration. As long as the traffic is optimized before it enters the ipsec tunnel, because compression and dedup will produce 0% reduction on the encrypted traffic. Optimization before encryption is the minimum requirement to get optimization working over the ipsec VPN.

We can also take a look at the other firewall services and links to see what might be impacted, since this can influence the final design.

Regards
Antonie
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs