ACE to bypass IPSec traffic

Unanswered Question
Nov 11th, 2008
User Badges:

HI All,

we are getting ready to do a POC with ACE, Hurray !!!!!!!!!

One problem though. The customer (who is a service provider) is going to loadbalance traffic to a web proxy, but wants to bypass IPSec VPN traffic from getting loadbalanced to proxies.

I think we can do this if the clients are using IPSec tunnel mode, but it seems there would be a problem in identifying the traffic if the clients are using IPSec transport mode or transparent tunneling. Any idea how i can prevent all of the VPN traffic from going to the proxies ?


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Gilles Dufour Wed, 11/12/2008 - 00:40
User Badges:
  • Cisco Employee,

If you only loadbalance traffic with destination port 80 or port 8080 than there is no problem.

I don't think ipsec would use those ports.


Gilles.

Actions

This Discussion