We tried Directway satellite internet for about half a year and it was
horrible! Not only was HTTP (Web) browsing *incredibly* slow, but IPSec
(Check Point) VPN connections kept dropping. We even tried PPTP, but
directway's equipment on their side doesn't support the GRE protocol. I kept
wondering why the IPSec connection was constintly dropping, until I realized
that Directway gives their customers private IP's (ex. 10.0.50.28), behind
their gateway! I think that the private ip + the slow connection made the
VPN drop. Certain VPN servers can now detect that if the client under NAT,
it will "float" to UDP port 4500.
-Paul
----- Original Message -----
From: "Jason Brooks" <brooksje@longwood.edu>
To: <firewalls@securityfocus.com>
Sent: Tuesday, September 14, 2004 10:39 AM
Subject: Cisco VPN and Direcway Satellite Service
Our department has recently been asked to dig into some issues that have
arisen when a user is connecting to our network from home with a VPN
session
while on a Direcway satellite link. What is happening is that the user is
regularly disconnected (X interval) from the VPN link. There is nothing
'abnormal' from the Cisco Concentrator end, that we can see.
We've done some googling that have produced inconclusive results, at best.
They range from some institutions saying "We don't support VPN connections
via satellite ISPs", to "They work, but are slow". Nothing indicates that
there are others experiencing the same phenomenon that our user reports.
So, has anyone run into this, or similar circumstances? Did you have to
tweak any client settings? Any Cisco Concentrator settings?
Thanks for any input.
Jason
Jason Brooks
Information Security Technician
Longwood University
201 High Street
Farmville, VA 23909
(434) 395-2034
mailto:brooksje@longwood.edu
