VPN 3005 SSL "clientless" and VPN client performance

Discussion in 'Cisco' started by Evan Wagner, Apr 3, 2004.

  1. Evan Wagner

    Evan Wagner Guest

    Evan Wagner, Apr 3, 2004
    #1
    1. Advertisements

  2. I haven't rolled it out widely enough to detect performance problems,
    partially because implementation bugs prevented me from using anything
    more sophisticated than the basic https proxying.

    - The e-mail proxying is not suitable in our environment because we use
    one-time-password tokens and the imaps/pop3s proxies work by prepending your
    RAS password to your email password in the email client -- requiring a reauth
    with every new imap session.

    - The generic TCP forwarding only works with a specific version of the Sun JRE,
    and even that version gave Java exceptions left and right when I tried to use
    it.

    I was able to make it work for the users who needed this service by doing
    everything through the https proxy -- I set up a webmail server and a
    MindTerm ssh gateway for logins.. but its pretty hackish. Caveat sysadmin.
     
    Eric Sorenson, Apr 4, 2004
    #2
    1. Advertisements

  3. Evan Wagner

    Evan Wagner Guest

    Thanks for the information. We've got separate Webmail so it may work
    fine for what I have in mind. I'm trying to avoid rolling out multiple
    boxes (from different vendors) for SSL and VPN client solutions.

    --Evan
     
    Evan Wagner, Apr 6, 2004
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.