VPN Optimization question
Dustin.cisco
Member Posts: 29 ■□□□□□□□□□
in CCNA & CCENT
Hi,
I have 3 Questions
#1
My question is would using CHAP Authentication over a AES encrypted VPN site-to-site connection be unnecessary overhead? Would it be more practical to use PAP?
#2
I know VPN connection speeds are mainly dependent on the "cloud" and ISP the connection is going through but are their any tips or tricks for optimization?
#3 (Edited)
How does one configure VPN User Authentication through Active Directory on a Windows Server while having the VPN setup on a SonicWall Firewall?
I have 3 Questions
#1
My question is would using CHAP Authentication over a AES encrypted VPN site-to-site connection be unnecessary overhead? Would it be more practical to use PAP?
#2
I know VPN connection speeds are mainly dependent on the "cloud" and ISP the connection is going through but are their any tips or tricks for optimization?
#3 (Edited)
How does one configure VPN User Authentication through Active Directory on a Windows Server while having the VPN setup on a SonicWall Firewall?
Comments
-
instant000 Member Posts: 1,745Dustin.cisco wrote: »Hi,
I have 3 Questions
Is this homework?#1
My question is would using CHAP Authentication over a AES encrypted VPN site-to-site connection be unnecessary overhead? Would it be more practical to use PAP?
I would use CHAP, regardless. If protecting your passwords is unnecessary overhead, you need to throw away that AOL CD and get off dial-up.
RFC 1334 - PPP Authentication Protocols#2
I know VPN connection speeds are mainly dependent on the "cloud" and ISP the connection is going through but are their any tips or tricks for optimization?
Yeah, only configure VPNs where needed. That is, configure it so that only traffic needing to go across the VPN goes there. Let the rest go out to the internet. That should save you a little stress on your connection. If there are some services (like file) that are really needed at the remote site, there are branch caching technologies available.
Some caching technology can be deployed, which can save you on your WAN spend $$$.#3 (Edited)
How does one configure VPN User Authentication through Active Directory on a Windows Server while having the VPN setup on a SonicWall Firewall?
If you're using a Windows Server 2008 R2/Windows 7, use Direct Access
DirectAccess
I'm not that familiar with SonicWall products. At a past job, we configured user authentication via Active Directory, through a Cisco Agent. Wouldn't be shocked if SonicWall had a similar agent you could deploy to authenticate against AD.Currently Working: CCIE R&S
LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!) -
ChooseLife Member Posts: 941 ■■■■■■■□□□Dustin.cisco wrote: »#1
My question is would using CHAP Authentication over a AES encrypted VPN site-to-site connection be unnecessary overhead? Would it be more practical to use PAP?Dustin.cisco wrote: »#2
I know VPN connection speeds are mainly dependent on the "cloud" and ISP the connection is going through but are their any tips or tricks for optimization?Dustin.cisco wrote: »#3 (Edited)
How does one configure VPN User Authentication through Active Directory on a Windows Server while having the VPN setup on a SonicWall Firewall?“You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896
GetCertified4Less - discounted vouchers for certs -
ChooseLife Member Posts: 941 ■■■■■■■□□□instant000 wrote: »That is, configure it so that only traffic needing to go across the VPN goes there. Let the rest go out to the internet.
Also, monitoring the VPN port will help to discover chatty remote hosts (misconfigured synchronization, p2p/Skype/Youtube/other-bandwidth-eater -app users on VPN with no split tunnel).“You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896
GetCertified4Less - discounted vouchers for certs -
ajmatson Member Posts: 289Dustin.cisco wrote: »How does one configure VPN User Authentication through Active Directory on a Windows Server while having the VPN setup on a SonicWall Firewall?
Are you setting up a site 2 site VPN? or a client based VPN on the SonicWALL (ie. Global VPN or SSL VPN)Working on currently:
Masters Degree Information Security and Assurance (WGU) / Estimated 06/01/2016
Next Up: CCNP Routing Exam | Certified Ethical Hacker Exam
Cisco Lab: ASA 5506-X, GNS3, 1x 2801 Router, 1x 2650XM, 1x 3750-48TS-E switch, 2x 3550 EMI Switches and 1x 2950T swtich.
Juniper Lab: 1x SRX100H2, 1x J2320 (1GB Flash/1GB RAM, JunOS 11.4R7.5), and 4 JunOS Firefly vSRX Routers in VMWare ESXi 5.1