--===============1083719382==
Content-Type: multipart/alternative;
boundary="----=_Part_11405_445879.1117438550055"

------=_Part_11405_445879.1117438550055
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Hello,

I have a case where I have 2 remote PIXs running 2 IPSec tunnels between=20
them, one for data and the other for voice,=20

The voice tunnel introduced delay which affected voice quality, I want to=
=20
still hide my voice traffic(i.e: ports), so I was thinking of changing the=
=20
voice tunnel to only only tunnel and not encrypt,=20
Is that possible with IPSec, if not how can this be done?

I've looked at IPsec ESP with null encryption, but with that i guess i will=
l=20
have my traffic moving in clear text ?

Other ideas i had were to use a GRE tunnel from PIX-to-PIX only for voice,=
=20
but I knew PIX have little support for GRE, i was thinking of putting 2 BSD=
=20
PCs behind the PIXs and doing the tunnel between them, but that is not an=
=20
option either.

Some people may ask why i am trying to hide my voice ports, my answer is,=
=20
where i live, the gov. is the telco., disallowing voice except through thei=
r=20
high rates, and we want to do business, move with our lives.

Regards
~Kim

------=_Part_11405_445879.1117438550055
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Hello,



I have a case where I have 2 remote PIXs running 2 IPSec tunnels between th=
em, one for data and the other for voice,



The voice tunnel introduced delay which affected voice quality, I want
to still hide my voice traffic(i.e: ports), so I was thinking of
changing the voice tunnel to only only tunnel and not encrypt,

Is that possible with IPSec, if not how can this be done?



I've looked at IPsec ESP with null encryption, but with that i guess i wil=
ll have my traffic moving in clear text ?



Other ideas i had were  to use a GRE tunnel from PIX-to-PIX only
for voice, but I knew PIX have little support for GRE, i was thinking
of putting 2 BSD PCs behind the PIXs and doing the tunnel between them,
but that is not an option either.



Some people may ask why i am trying to hide my voice ports, my answer
is, where i live, the gov. is the telco., disallowing voice except
through their high rates, and we want to do business, move with our
lives.



Regards

~Kim




------=_Part_11405_445879.1117438550055--

--===============1083719382==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
VPN mailing list
VPN@lists.shmoo.com
http://lists.shmoo.com/mailman/listinfo/vpn
--===============1083719382==--