VPN over slow Internet connections

Gary Gladney gladney at stsci.edu
Thu Apr 21 12:32:53 CDT 2011


If you haven't deployed your VPN environment yet I would seriously consider using SSL VPN instead of IPSec as your tunneling protocol.  SSL VPN gives you a lot more options than IPSec.

Gary 

-----Original Message-----
From: Ben Whorwood [mailto:bw-ml at mube.co.uk] 
Sent: Thursday, April 21, 2011 12:56 PM
To: nanog at nanog.org
Subject: VPN over slow Internet connections

Dear all,

Can anyone share any thoughts or experiences for VPN links running over slow Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)?

We are looking into utilising OpenVPN for out-of-office workers who would be running mobile broadband in rural areas. Typical data across the wire would be SQL queries for custom applications and not much else.

Some initial thoughts include...

   * How well would the connection handle certificate (>= 2048 bit key) based authentication?
   * Is UDP or TCP better considering the speed and possibility of packet loss (no figures to hand)?
   * Is VPN over this type of connection simply a bad idea?

Many thanks in advance.

Kind regards,
Ben Whorwood





More information about the NANOG mailing list