From Wanos Wiki
(→WAN Optimization via IPsec) |
(→WAN Optimization via IPsec) |
||
| Line 1: | Line 1: | ||
==WAN Optimization via IPsec== | ==WAN Optimization via IPsec== | ||
| − | WAN Optimization can work with | + | WAN Optimization can work with IPsec as long as the traffic is optimized before it enters the IPsec tunnel. Optimization before encryption is the minimum requirement to get optimization working over the IPsec VPN. |
Example: | Example: | ||
| − | + | Head-Office-Server > Wanos > IPsec-VPN > Internet < IPsec-VPN < Wanos < Branch-Server | |
| − | Some Cisco | + | Some Cisco IOS versions drop protocol 108 over IPsec GRE tunnels. The workaround is to use a different Encapsulation (e.g. using GRE only without IPsec VPN) or enable UDP encapsulation on Wanos. |
| − | To enable UDP Encapsulation, log in to Wanos appliance '''Configure''' > '''System Settings''' > '''Optimization Settings''' > '''Encapsulation (udp)''' | + | To enable UDP Encapsulation, log in to the Wanos appliance '''Configure''' > '''System Settings''' > '''Optimization Settings''' > '''Encapsulation (udp)''' |
| − | Although very rarely an | + | Although very rarely an obstacle, note that tunnels could introduce additional MTU considerations. |
Revision as of 19:59, 26 November 2015
WAN Optimization via IPsec
WAN Optimization can work with IPsec as long as the traffic is optimized before it enters the IPsec tunnel. Optimization before encryption is the minimum requirement to get optimization working over the IPsec VPN.
Example: Head-Office-Server > Wanos > IPsec-VPN > Internet < IPsec-VPN < Wanos < Branch-Server
Some Cisco IOS versions drop protocol 108 over IPsec GRE tunnels. The workaround is to use a different Encapsulation (e.g. using GRE only without IPsec VPN) or enable UDP encapsulation on Wanos.
To enable UDP Encapsulation, log in to the Wanos appliance Configure > System Settings > Optimization Settings > Encapsulation (udp)
Although very rarely an obstacle, note that tunnels could introduce additional MTU considerations.