I have a VPN concentrator with remote clients connecting from home. They are using Cisco's VPN 3.5 and 3.6 clients. Most of my remote clients are connecting through dialup modems to run applications from a Citrix server. They are complaining that the connection is to slow. I currently have the remote clients group setup with 168 3DES I was wondering how I can increase the bandwidth to speed up the connections? I tried setting the group up with 56 DES but it didn't seem to make much of a difference. Do you have any recommendations on creating an SA that would increase bandwidth and still keep our connection secure? Can I use some kind of compression?
Re: Bandwidth comparison between IPSec 3DES and DES
i really don't see that as a bandwidth issue. Decreasing the encrytion algorithm is not going to give you more bandwidth. here are some questions to ponder.
how much memory and processing speed do the client computers have?
what type of applications are they running? different applications will act differently. For Example, a terminal emulation (telnet) or http application will run pretty quickly, yet a database or terminal services app may run slowly ESPECIALLY over diaup because of the 56k limit (42k at best) plus the encryption/decryption overhead compounded by the resources of the computers. if they had dsl they would be better off. i have dialup and dsl clients coming into our main site running database apps. the runs running dsl are ok, but the ones running analog are very slow and troublesome because of phone line quality.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...