Can WAAS inline accelerate IPSEC tunnel traffic

Unanswered Question
Apr 20th, 2009
User Badges:

Pretty sure the answer is noooooo. Trying to set this up at a client and we are no seeing acceleration for his replication traffic. They are taking this traffic and encrypting it with a pair of ASA's. Then it goes to the switch then from the switch to the inline LAN on the WAAS and then onto the router and off to the WAN. same on the other side. I think the only way to make it work, is to use the other inline module and break this connection from the relication device to the firewall and insert the WAAS inline there. Thoughts??

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ropethic Mon, 04/20/2009 - 15:45
User Badges:
  • Silver, 250 points or more

If traffic is being encrypted prior to reaching the WAE then only TCP optimization and LZ compression will occur. Data Redundancy Elimination will not take place due inability to find a matching pattern within IPSEC tunnel.

A new version will be coming out soon offering SSL encryption acceleration.


miwitte Mon, 04/20/2009 - 17:35
User Badges:

I knew this wouldn't work, it was more to appease the customer to post this. We have taken off encryption just waiting for him to kick off a replication. I tried explaining it would compress and optimize TCP, but he was looking for the connection statistics to show the endpoints and for it to be mapped to a classifier and be optimized. I told him since WAAS could not look inside an IPSEC tunnel it could not see the endpoints.

Actions

This Discussion