Hello all,
I've been trying to search online and the KB, but so far I can't find a clear answer: Is it considered unsafe to allow the source and destination WAN accelerators to communicate directly over the Internet on ports 6164/6165? Or is it necessary to route the traffic through an IPSEC tunnel? I ask because bandwidth across our SITE-TO-SITE tunnel to the target server is limited due to a Comcast issue. I can probably work around the issue by routing the traffic outside the tunnel. I understand that the traffic between WAN accelerators is encrypted, but I still don't want to do this if it significantly decreases security.
-
PSI-INDY
- Novice
- Posts: 6
- Liked: never
- Joined: Mar 09, 2016 11:41 pm
- Full Name: PSI indy
- Contact:
-
foggy
- Veeam Software
- Posts: 21139
- Liked: 2141 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: WAN accelerator directly over the Internet - Advisable?
Generally, VPN is recommended, though, if encryption is enabled and firewalls are properly configured, you're good to go.
-
PSI-INDY
- Novice
- Posts: 6
- Liked: never
- Joined: Mar 09, 2016 11:41 pm
- Full Name: PSI indy
- Contact:
-
Gostev
- Chief Product Officer
- Posts: 31806
- Liked: 7300 times
- Joined: Jan 01, 2006 1:01 am
- Location: Baar, Switzerland
- Contact:
Re: WAN accelerator directly over the Internet - Advisable?
I think it's a bad idea to not use VPN since control traffic will not be encrypted in this case.
Who is online
Users browsing this forum: Semrush [Bot] and 254 guests