we are getting ready to do a POC with ACE, Hurray !!!!!!!!!
One problem though. The customer (who is a service provider) is going to loadbalance traffic to a web proxy, but wants to bypass IPSec VPN traffic from getting loadbalanced to proxies.
I think we can do this if the clients are using IPSec tunnel mode, but it seems there would be a problem in identifying the traffic if the clients are using IPSec transport mode or transparent tunneling. Any idea how i can prevent all of the VPN traffic from going to the proxies ?