Previous employer had a VPN connection to the US which went down twice
in 3 years - (this was version 4.0 on NT4 ) due to key problems. In
terms of performance they also replaced a Framerelay Leased line network
with a VPN runnign over the same size local tails & there was no
noticable change in performance (this may say more about the frame Relay
set up than anything else..) In my expereince the volume of data flowing
through the tunnel has little or no effect on the stability, as an
asside if you've got a T3 at both ends then that would potentially give
you a *much* larger tunnel for your backups...
Alaric
> -----Original Message-----
> From: Mailing list for discussion of Firewall-1
> [mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf
> Of Alan Choyna
> Sent: 26 July 2004 20:39
> To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Subject: [FW-1] VPN Tunnel stability and throughput
> performance between 2 Nokia IP440's running NG FP3.
>
> Hey people,
>
> We're moving to a co-locate environment, and my client wishes
> to use a VPN tunnel between 2 Nokia ip440's running NG PF3 to
> connect the internal Network to our DMZ networks at the
> co-locate space about 50 miles away.
>
> l'm pitching for a dedicated T1 line to our IP440 at the
> co-lo, thereby offering best security, and stability, without
> the need for an extra firewall (with the associated
> licensing/support costs), whilst they wish me to use an
> available shared T3 connection with an encrypted tunnel to
> our co-lo firewall.
>
> Is a VPN tunnel hard to set up? and once set up, how stable
> is it? Will we have to manually reconnect/authenticate often?
> or would it be rock solid?
>
> Another question is throughput performance. Although mostly
> we will not be transmitting lots of data, late at night l
> will be backing up about 20 gigs of data every week or so.
> How much bandwidth does encryption use (DES3)?
> Would this large throughput make the tunnel less stable?
>
> Thanks in advance,
>
> Alan
>
>
> Alan C. Choyna
> Senior Consultant
>
> Pathfinder Associates, LLC
>
> <http://www.pathfinderassoc.com/>http://www.pathfinderassoc.com
> Internet Strategy Business Consultants
> <mailto:achoyna AT pathfinderassoc DOT com>mailto:achoyna@pathf<mailt
o:achoyna AT pathfinderassoc DOT com>.com
>
> Business telephone (312) 372-1058. Mobile (773) 255-6662
>
>
> =================================================
> To set vacation, Out-Of-Office, or away messages, send an
> email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your subscription
> options, email fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
