[VPN] IPSEC over UDP or TCP

John strgout at unixjunkie.com
Tue Oct 7 14:04:35 EDT 2003


On Mon, Oct 06, 2003 at 11:43:59PM -0400, Shivdasani, Meenoo wrote:
> 
> I'm interested in people's experiences with implementing IPSEC over UDP
> or TCP.
> 
> Benefits?  Disadvantages?
> 
> Thanks in advance,
> 
> M
I've setup IPSEC over UDP before and found it to work quite nice. If there is 
some kind of option for sending keepallives i would enable it, if anything 
just to keep the udp connection in the statetable on the firewall fresh. 
I haven't tried TCP just because i didn't want worry about tcp mss/pmtu/frag
issues.

oh btw that was with a cisco 3030 vpn concentrator.



More information about the VPN mailing list