[139857] in North American Network Operators' Group
RE: VPN over slow Internet connections
daemon@ATHENA.MIT.EDU (Gary Gladney)
Thu Apr 21 13:34:04 2011
From: Gary Gladney <gladney@stsci.edu>
To: Ben Whorwood <bw-ml@mube.co.uk>, "nanog@nanog.org" <nanog@nanog.org>
Date: Thu, 21 Apr 2011 17:32:53 +0000
In-Reply-To: <4DB06184.30508@mube.co.uk>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
If you haven't deployed your VPN environment yet I would seriously consider=
using SSL VPN instead of IPSec as your tunneling protocol. SSL VPN gives =
you a lot more options than IPSec.
Gary=20
-----Original Message-----
From: Ben Whorwood [mailto:bw-ml@mube.co.uk]=20
Sent: Thursday, April 21, 2011 12:56 PM
To: nanog@nanog.org
Subject: VPN over slow Internet connections
Dear all,
Can anyone share any thoughts or experiences for VPN links running over slo=
w Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?
We are looking into utilising OpenVPN for out-of-office workers who would b=
e running mobile broadband in rural areas. Typical data across the wire wou=
ld be SQL queries for custom applications and not much else.
Some initial thoughts include...
* How well would the connection handle certificate (>=3D 2048 bit key) b=
ased authentication?
* Is UDP or TCP better considering the speed and possibility of packet l=
oss (no figures to hand)?
* Is VPN over this type of connection simply a bad idea?
Many thanks in advance.
Kind regards,
Ben Whorwood
