Hello,
I am trying to create a VPN relationship between a ASL 3.209 system on a full T1 to a remote laptop using an analog modem for dialup (56Kbps-21Kbps).
The connection will only be used for pop3 and minor web activity. I currently have 3DES_PFS_COMP setup and the performance is so bad over a 44K connection that the link is practically unusable.
My biggest concern is keeping the VPN from being exploited. I am not too worried about strong tunnel encryption because I/we are not that interesting. As long as the connection is solid and it is relatively hardened from unauthorized access.
Two questions I hope someone can help with:
1. Does the bit count of the user certificate dictate the bit strength of the tunnel encryption? (ie: 2048bit cert = 3DES with 2048 bit key/high-overhead)
2. Is there a preferable IPSecpolicy that offers encryption and internal network access security while showing better performance over a low bandwidth connection (Win2K laptop, SSH Sentinel 1.4, 21K-56K dialup speed)?
Thank You.
Jeff
This thread was automatically locked due to age.
