For internal GW what happens when you create non tunnel-mode GW? Why would one do this?

Reply
Highlighted
L3 Networker

For internal GW what happens when you create non tunnel-mode GW? Why would one do this?

Hi,

 

For internal GW what happens when you create non tunnel-mode GW? Why would one do this? If it only provides USER-ID why is it used?

Highlighted
L5 Sessionator

Re: For internal GW what happens when you create non tunnel-mode GW? Why would one do this?

Hi @junior_r

 

Enabling tunnel mode uses IPSec as the protocol for tunnel termination instead of SSL. Naturally, this is going to provide better throughput since IPSec is UDP and SSL is TCP.

 

Enabling tunnel mode allows you to utilise more granular settings for the gateway such as

 

Maximum number of users connected, X-Auth Support (Allows mobile devices to connect using inbuilt VPN) and the ability to attach a GlobalProtect IPSec Crypto profile - giving you more control over the authentication and encryption algorithms that are used to negotiate keys over the tunnel.

 

Thanks,

Luke.

 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!