Guest User!

You are not Sophos Staff.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Performance IPsec vs SSL (Site 2 Site)

Hi Folks

has someone tested the performance difference between a SSL VPN and the IPsec VPN (both Site 2 Site)?

I am planning to change (because of a very special router) to migrate. Both internet connections are VDSL.

Yours
r2k


This thread was automatically locked due to age.
Parents
  • Good question!  Please make some measurements and report back to us even if someone else has something to offer.

    Thanks - Bob
  • I asked about this 8/11 and got no response.

    I would have thought Astaro would publish something.

    When you talk with them they claim "it should be faster" but have no numbers.

    (1% or 20%)

     The comment I got, that may make it difficult to accurately judge, is that using UDP may make it pull ahead with large files.

       Tom
  • Hi,

    it would be helpful if someone can tell us the experience in Performance in SSL over IPSEC Side to Side VPN.

    I currently have the feeling that SSL is not having a great performance instead of IPSEC.

    Thanks,
    Klaus

  • Hallo Klaus,

    Now the Community knows that performance depends on several things.

    If you really want the SSL VPN to be slow, use the TCP protocol and a 4096 key length.

    If you want to get the best performance you can from IPsec, get a device with a CPU that supports AES-NI and use a Policy like:

    Cheers - Bob

  • Thank you for the Feedback Bob.

    Maybe my spelling was a bit wrong. I have two UTMs and I want to have the best possible Side 2 Side VPN between them in the topic of performance / speed.
    My experience was that SSL VPN between two UTMs is not that having great performance. So the idea was to switch to IPSEC. Before switching I just wanted to know if IPSEC will have more speed between two UTMs.

    Thanks,
    Klaus

Reply
  • Thank you for the Feedback Bob.

    Maybe my spelling was a bit wrong. I have two UTMs and I want to have the best possible Side 2 Side VPN between them in the topic of performance / speed.
    My experience was that SSL VPN between two UTMs is not that having great performance. So the idea was to switch to IPSEC. Before switching I just wanted to know if IPSEC will have more speed between two UTMs.

    Thanks,
    Klaus

Children