Here is a brief mention of IPSec related benchmarks, just so people can get an idea of what performance degradation you are likely to see (yes, you will get a loss in performance, although if you have sufficiently overspecced parts you might not notice :)).

The benchmarks posted from me are from two P3/600 machines connected via a 10Base-T hub. One is running Gentoo, the other Debian. I don't think the authentication method will make any difference, but at the moment I am using PSK (mainly since I just finished that page :)).

Transferring a 200MB file consisting entirely of zeroes (hi /dev/zero) from one machine to the other via FTP (proftpd 1.2.8, ncftp 3.1.5): || No IPSec | 863.65 kB/s | IPSec | 778.21 kB/s

As you can see, there is about a 10% protocol overhead incurred. The load on the machines during the transfer was around 0.3.