Site-to-site VPN with low-overhead needed (ISP offers very limited access)


Is someone able to help me out a bit on this one?

I'm trying to design a site-to-site VPN setup, but my knowledge of VPNs in relation to Cisco equipment limits me a bit.

What I would like to create is a link between two sites (one mobile Cisco router and one in a datacenter). I need the traffic on the link to be shaped (let's say 3 priority levels) so QoS on both upstream and downstream.

The mobile router can use a number of different connections, which at least should allow "normal" internet traffic (port 443 and 80) and might traverse through a NAT router. Furthermore it's not possible to say what the link speed is, it could be 64Kb/s or 2Mb/s (and when established it might even fluctuate a bit).

What are my options to have two-way QoS on that link? I thought of using SSL VPN:

- it does not have that much overhead (even works on "slow" links?)

- uses standard port 80 and 443 (no problem with firewalls and routers?)

- tunneling of all data (the mobile user can use any port/application without the current ISP possibly blocking it?)

The only thing is I cannot find anything on site-to-site SSL tunnels; they all seem to be using a web client or the Cisco client.

Can such an idea be realised, and if yes, can it be done with SSL? I planned on using a 3800-series as colocated router and some 2800-series as mobile router.

Thanks in advance for any idea!

Kim Jansen

1 Reply


Is anyone able to judge if the above can be done, or am I requiring too much of the current technology?

It shouldn't be that kind of a problem I think?

Thanks, Kim
