Christophe Prevotaux wrote: > I can use AH/ESP however since I am using a satellite link > thru a modem/hub(NOC) that fiddles around with packets in order > to optimize them , I can't encrypt the headers otherwise the > optimizer can't see inside the packets and therefore can't see the > headers , so no optimization is done ,and I end up with a 33,6Kbps > like speed for the VPN , which is useless (at best 56Kbps).
You could try (transport mode) IPsec over a UDP tunnel, if your middlebox mucks with the L4 headers. Then again, your middlebox probably only "optimizes" TCP - have you benmarked TCP vs. UDP performance over the link? (If so, you'll need to use a TCP tunnel.) Lars -- Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
