Site-to-site VPN with low-overhead needed (ISP offers very limited access)

Unanswered Question
Jul 31st, 2007

Hey,


Is someone able to help me out a bit on this one?


I'm trying to design a site-to-site VPN setup, but my knowledge of VPNs in relation to Cisco equipment limits me a bit.


What I would like to create is a link between two sites (one mobile Cisco router and one in a datacenter). I need the traffic on the link to be shaped (let's say 3 priority levels), so QoS on both upstream and downstream.


The mobile router can use a number of different connections, which at least should allow "normal" internet traffic (port 443 and 80) and might traverse through a NAT router. Furthermore, it's not possible to say what the link speed is; it could be 64Kb/s or 2Mb/s (and when established it might even fluctuate a bit).


What are my options to have two-way QoS on that link? I thought of using SSL VPN:

- it does not have that much overhead (even works on "slow" links?)

- uses standard port 80 and 443 (no problem with firewalls and routers?)

- tunneling of all data (the mobile user can use any port/application without the current ISP possibly blocking it?)


The only thing is I cannot find anything on site-to-site SSL tunnels; they all seem to be using a web client or the Cisco client.


Can such an idea be realised, and if yes, can it be done with SSL? I planned on using a 3800-series as colocated router and some 2800-series as mobile router.


Thanks in advance for any idea!


Kim Jansen

vanbergehenegouwen Mon, 08/06/2007 - 06:05

Hi,


Is anyone able to judge if the above can be done, or am I requiring too much of the current technology?


It shouldn't be that kind of a problem I think?


Thanks, Kim
