VPN 3005 SSL "clientless" and VPN client performance

Greetings,

I utilized a Cisco 3005 VPN concentrator in the past for a remote access
VPN client solution and was quite happy with the performance.

As of November 2003, it appears that Cisco has added "clientlesss" SSL VPN
support. http://www.cisco.com/en/US/netsol/ns340/ns394/ns171/ns347/networking_solutions_package.html

Can anyone comment on 3005 performance when running both simultaneously?

Thanks,

--Evan

 

I haven't rolled it out widely enough to detect performance problems,
partially because implementation bugs prevented me from using anything
more sophisticated than the basic https proxying.

- The e-mail proxying is not suitable in our environment because we use
one-time-password tokens and the imaps/pop3s proxies work by prepending your
RAS password to your email password in the email client -- requiring a reauth
with every new imap session.

- The generic TCP forwarding only works with a specific version of the Sun JRE,
and even that version gave Java exceptions left and right when I tried to use
it.

I was able to make it work for the users who needed this service by doing
everything through the https proxy -- I set up a webmail server and a
MindTerm ssh gateway for logins.. but its pretty hackish. Caveat sysadmin.

 

Thanks for the information. We've got separate Webmail so it may work
fine for what I have in mind. I'm trying to avoid rolling out multiple
boxes (from different vendors) for SSL and VPN client solutions.

--Evan