[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Expieriences in isakmpd with more than 150 SA's

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Expieriences in isakmpd with more than 150 SA's
From: "Ralf Hornik Mailings" <ralf_(_at_)_best_(_dot_)_homeunix_(_dot_)_org>
Date: Mon, 8 Nov 2004 15:26:16 +0100 (CET)

Hi misc@,

I plan to replace a Cisco VPN 3000 with an Soekris 4801 including vpn1411
running Openbsd 3.5. Expected amount of concurrent tunnels is 150 - 200.

The gateway will be connected to the internet with an 2Mb/s SDSL link.
Phase I Authentication will be x.509v3 with 1024 bit keys and PFS, Phase
II Encryption will be AES192, HMAC SHA.
In addition, an extra flow for ip compression using LZS is planned if
supported by isakmpd yet.

Has everyone got a similar setup, and can give me some input regarding
performance and/or stability issues?
Thanks a lot!


Ralf

Prev by Date: Re: GigE recommendations
Next by Date: Re: GigE recommendations
Previous by thread: isakmpd, VPN-default gw, dhcrelay probs
Next by thread: Re: Expieriences in isakmpd with more than 150 SA's
Index(es):
- Date
- Thread

Visit your host, monkey.org