Rob Hudson wrote: > Would a common use for this be something like... 1 business having 3 > branch offices, and them wanting a VPN between the 3, with secure > encrypted transmissions along the untrusted internet? Something like > that?
Yes, that's one common scenario. The other is, imagine plugging your laptop in anywhere and having a secure channel back to the home office(s). > What kind of performance loss is there with encrypting at the gateway? > Does IPSEC just encrypt the data segment in the TCP/IP headers or > something more? Where's a FAQ? I wanna know how it works. :) Adds probably 20-30 bytes to each packet. For a 1K packet, that's 2-3% overhead. For anything slower than a T3, the computation time to do the encryption/decryption should be negligible compared to that 2-3% traffic increase. There's a fairly good description of the IPSEC protocols at the FreeS/WAN site. http://www.freeswan.org/freeswan_trees/freeswan-1.91/doc/ipsec.html -- Bob Miller K<bob> kbobsoft software consulting http://kbobsoft.com [EMAIL PROTECTED]
