Okay Guys, This is a very interesting issue which I do not think many will have come across but it' s something I am now dealing with. The problem for those that do not know about is to do with VSAT connections and how they deal with Acceleration and Latency inherent in Satellite based connections. To deal with these issues a VSAT connection only ACK generally every 3rd packed. This then in turn causes problems with ISPEC based VPN traffic because the VSAT connection is forced to ACK every packed and in essence will drop in performance by 20 - 40% over a non encrypted stream. The issue is dealt with by a few different vendors who have products that just encrypte the data stream and not the headers this means that the satellite can treat it as normal traffic and apply it' s usual enhancement features. One product that does is the VSR-30 by VSAT Systems http://www.vsat-systems.com/end-user-installation/indoor-equipment/vsr-30/ The issue I have is that we a client who would like to do this directly from a Fortigate and not have to use 3rd party products to do this type of connection as adding in other points of failure introduces more issues in the long run. Specially when they want to go to HA which the VSR-30 does not support. So my question is simple at this stage the Fortigate support Transport Layer VPN options which in essence does what I want however it' s designed more for L2TP based Client - Server connections and doesn' t actually route for a Site to Site based connection. I can get the VPN to come out in Transport Layer but no traffic will pass over it. Is it possible to somehow get this to work as this would be a significant boon in Fortinets pocket as you would be the only Firewall Vendor currently providing this solutions to VSAT customers This is probably more a feature request but if there is a way I can get this working now it would be greatly appreciated?