I'm trying to design a site-to-site VPN setup, but my knowledge of VPNs in relation to Cisco equipment limits me a bit.
What I would like to create is a link between two sites (one mobile Cisco router and one in a datacenter). I need the traffic on the link to be shaped (let's say 3 priority levels), so QoS on both upstream and downstream.
The mobile router can use a number of different connections, which at least should allow "normal" internet traffic (port 443 and 80) and might traverse through a NAT router. Furthermore, it's not possible to say what the link speed is; it could be 64Kb/s or 2Mb/s (and when established it might even fluctuate a bit).
What are my options to have two-way QoS on that link? I thought of using SSL VPN:
- it does not have that much overhead (even works on "slow" links?)
- uses standard port 80 and 443 (no problem with firewalls and routers?)
- tunneling of all data (the mobile user can use any port/application without the current ISP possibly blocking it?)
The only thing is I cannot find anything on site-to-site SSL tunnels; they all seem to be using a web client or the Cisco client.
Can such an idea be realised, and if yes, can it be done with SSL? I planned on using a 3800-series as colocated router and some 2800-series as mobile routers.