> I've been experiencing troubles using VNC through an IPsec tunnel (based
on DSL connections):
> it sometimes freezes during the 'initial screen loading'
> phase. And I have the same kind
> of problem with an SQL application which sends tons of data through the
> I'm not sure what the reason is, but I've recently found the following
> "[...] If you are wondering why UDP is used instead of TCP,
> source: http://www.sans.org/rr/papers/20/1459.pdf
That's not the case.
IPSEC doesn't use some sort of tcp layer for tunneling but its own protocol
( in some cases is placed only over udp for nat traversing) , that would be
a mess, imagine tunnelling of disconnected and unreliable protocols over
connected ones :)
Maybe your problem was due to MTU differences, fragmentation and incorrect
handling of icmp messages ( it happened to me in the past that a mtu problem
prevented me to connect to a terminal server rdp machine through tunnels).
For the user that can't connect to VNC anymore, he must provide additional
data to the list for problem solving
( server so, personal firewall installed, nmap dump etc. etc.).