Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 4294 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site to Site VPN- Best Method

Jae Lupo

I just upgraded our 4 firewalls to XG (latest build).  We use IPsec firewalls.  When a firewall is rebooted or there is a power failure the IPsec VPNs do not reconnect on their own.  I have to mess around with both sides of the tunnel to get them to connect again.  I created a new SSL VPN between two sites and it works fine after a reboot.  What is the current preferred method for Site to Site VPNs, IPSec or SSL?  If it is IPSec why wouldn't my VPNs connect on their own after a restart.  Thanks.


Jae



This thread was automatically locked due to age.
Parents
  • 0

    I use Site to Site SSL and it seems to work fine for me.  I have tried to use RED to connect 2 XG's but I have never been able to get it to work, the RED tunnel is established and up but I can't get traffic to flow across it.  

    I'd be curious to know which of the 3 methods, IPSec, RED, or S22 SSL the folks here find to have the best performance?

  • 0 in reply to Bill Roland

    Yes, I would like to know too what the majority of XG users are using for their VPN encryption?  I have found that the SSL VPNs have a very high latency at 600-1200ms.  This is between Australia and the UK. With IPSec it is between 200-300ms latency.  I am not sure why there is such a drastic change in speeds between the two methods.

Reply
  • 0 in reply to Bill Roland

    Yes, I would like to know too what the majority of XG users are using for their VPN encryption?  I have found that the SSL VPNs have a very high latency at 600-1200ms.  This is between Australia and the UK. With IPSec it is between 200-300ms latency.  I am not sure why there is such a drastic change in speeds between the two methods.

Children
No Data