In as much as we see the benefits of using Internet VPN for remote/small site deployment, there's always a concern with congestion. Regardless of site-to-site tunelling(IPSEC) or dial-ups, when we face situations such as the CodeRed or Nimda virus attacks, the overload caused on the Internet puts VPN connections to a grinding halt. What options do we have today to provide continuity? How do we provide a form of "Committed Bandwidth" or is it always impossible?
When such viruss/trojans exist on any public network it is difficult to offer any kind of service level guarantee. If this is an absolute requirement 24/7 then VPN across a public network is probably not the best solution for you. Committed frame connections or similar would be a better solution for your needs or perhaps just a direct dial-in access-server for such times may be more cost effective.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...