From Wanos Wiki
Jump to: navigation, search
(WAN Optimization via IPsec)
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
 +
<font size=5> Document migrated. An updated [http://wanos.co/wiki/index.php?title=WAN_Optimization_over_IPsec Firewalls Guide] can be found in the [http://wanos.co/docs Wanos Documentation site] </font>
 +
<font color=#dddddd>
 +
 
==WAN Optimization via IPsec==
 
==WAN Optimization via IPsec==
  
WAN Optimization can work with IPSEC as long as the traffic is optimized before it enters the ipsec tunnel. Optimization before encryption is the minimum requirement to get optimization working over the ipsec VPN.  
+
WAN Optimization can work with IPsec as long as the traffic is optimized before it enters the IPsec tunnel. Optimization before encryption is the minimum requirement to get optimization working over the IPsec VPN.  
  
 
Example:
 
Example:
PC > Firewall > Wanos > Modem > Internet < Modem < Wanos < Firewal < PC
+
Head-Office-Server > Wanos > IPsec-VPN > Internet < IPsec-VPN < Wanos < Branch-Server
 +
 
 +
Some Cisco IOS versions drop protocol 108 over IPsec GRE tunnels. The workaround is to use a different Encapsulation (e.g. using GRE only without IPsec VPN) or enable UDP encapsulation on Wanos.
  
Some Cisco devices drops proto 108 over IPsec GRE tunnels. The workaround is to use a different Encapsulation (E.G. GRE only on Cisco VPN) or enable udpencap on Wanos.
+
To enable UDP Encapsulation, log in to the Wanos appliance '''Configure''' > '''System Settings''' > '''Optimization Settings''' > '''Encapsulation (udp)'''
  
To enable UDP Encapsulation, log in to Wanos appliance '''Configure''' > '''System Settings''' > '''Optimization Settings''' > '''Encapsulation (udp)'''
+
Although very rarely an obstacle, note that tunnels could introduce additional MTU considerations.
  
Although very rarely an issue, note that tunnels could introduce additional MTU considerations.
+
</font>

Latest revision as of 20:02, 14 February 2017

Document migrated. An updated Firewalls Guide can be found in the Wanos Documentation site

WAN Optimization via IPsec

WAN Optimization can work with IPsec as long as the traffic is optimized before it enters the IPsec tunnel. Optimization before encryption is the minimum requirement to get optimization working over the IPsec VPN.

Example: Head-Office-Server > Wanos > IPsec-VPN > Internet < IPsec-VPN < Wanos < Branch-Server

Some Cisco IOS versions drop protocol 108 over IPsec GRE tunnels. The workaround is to use a different Encapsulation (e.g. using GRE only without IPsec VPN) or enable UDP encapsulation on Wanos.

To enable UDP Encapsulation, log in to the Wanos appliance Configure > System Settings > Optimization Settings > Encapsulation (udp)

Although very rarely an obstacle, note that tunnels could introduce additional MTU considerations.

Retrieved from "http://wanos.co/wiki/index.php?title=WAN_Optimization_over_IPsec&oldid=758"