Can WAAS inline accelerate IPSEC tunnel traffic

Unanswered Question
Apr 20th, 2009

Pretty sure the answer is noooooo. Trying to set this up at a client and we are no seeing acceleration for his replication traffic. They are taking this traffic and encrypting it with a pair of ASA's. Then it goes to the switch then from the switch to the inline LAN on the WAAS and then onto the router and off to the WAN. same on the other side. I think the only way to make it work, is to use the other inline module and break this connection from the relication device to the firewall and insert the WAAS inline there. Thoughts??

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ropethic Mon, 04/20/2009 - 15:45

If traffic is being encrypted prior to reaching the WAE then only TCP optimization and LZ compression will occur. Data Redundancy Elimination will not take place due inability to find a matching pattern within IPSEC tunnel.

A new version will be coming out soon offering SSL encryption acceleration.

miwitte Mon, 04/20/2009 - 17:35

I knew this wouldn't work, it was more to appease the customer to post this. We have taken off encryption just waiting for him to kick off a replication. I tried explaining it would compress and optimize TCP, but he was looking for the connection statistics to show the endpoints and for it to be mapped to a classifier and be optimized. I told him since WAAS could not look inside an IPSEC tunnel it could not see the endpoints.

Actions

This Discussion