VPN Client Conflict with Satelite Internet Services (Hughes DirecWay)

Robert_P_Jackson · ‎06-22-2002

There appears to be a general problem with the use of VPN technology and Satelite services. In discussions with DirecWay technical support, they indicate the need to turn off IPSEC and select high ping rate. As use of IPSEC is fundamental to our network strategy if we wish to use these types of services the conflict would have to be resolved. Does anyone have insight into this problem? DirecWay indicates little that they can (or would be willing) to do to resolve this.

cjacinto · ‎06-22-2002

Are you using the satellite service with a modem backhaul? If so this won't work because it is a different path for upload and download, thus it would not be encrypted/decrypted at the same point. If it is two way satellite link, the only issue I see is latency and the additional ipsec header might cause some mtu

issues on the link (could be overcome by setting an acceptable mtu on the client and inside servers). Or have they clarified to you what is exactly the issue?

Robert_P_Jackson · ‎06-23-2002

In speaking with Tech support I was referring to DirecWay's two-way service. They mentioned the issue of latency and suggested something like "high ping time" setting (I assume to prevent a timeout type condition) and that you had to turn IPSEC off (which of course defeats the purpose for our enterprise network over the Internet). All I can add is that the connection itself seems to happen, but the degradation in performance significant (less then land-based dial-up speeds). DirecWay is not the only satelite service that has the problem, but the service providers seem to stop short of trying to resolve it. Almost as if it is not in their market strategy to pursue the corporation only the consumer.