dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
466
andys03
join:2014-01-13
usa

andys03

Member

What are the best site-to-site VPN settings for VOIP?

I have a customer who has a SIP PBX in their main office and are connecting to their branch offices via VPN. The main site has a USG 50 and the branches use the USG 20.
The phones connect to the PBX over the VPN. I do not manage their network, but I do know they also RDP into a terminal server and access a file server. What is the best way to set up each VPN? Does it matter, performance wise, if I choose 3DES over AES? SHA over MD5? etc
Each site has plenty of bandwidth up and down. (all sites have at least 75mbps/20mbps_)

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano

MVM

USG has WH acceleration for AES calculations. However key size matters as for performance.
My suggestion based on theory (without any actual tests performed) go with SHA1/AES128. In my eyes this is optimal balance between speed and security.
I'd avoid DES/3DES and MD5.
andys03
join:2014-01-13
usa

andys03

Member

Thanks! Could I expect to see lower latency for that setup compared to 3DES/MD5 when pinging across the VPN?

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

No idea. I've not done any testing in this area.

IT
@rr.com

IT to andys03

Anon

to andys03
No