VPN between 2 3845 HSEC

Unanswered Question
Jul 29th, 2007
User Badges:

Hi friends,


I have 2 Cisco 3845 HSEC routers with AIM-VPN-SSL3 modules in them. One router has been installed in a data center and the other router has been installed in the HQ. The DC and the HQ have been connected by a 4 Mb MPLS link.


Since these routers have an AIM module, i am contemplating on setting up VPN between these routers. Which VPN is recommended in this setup? A site to site VPN or an Easy VPN or a Get VPN or some other option?


Please suggest


Thanks a lot

Gautam


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
PAUL TRIVINO Mon, 07/30/2007 - 15:50
User Badges:
  • Bronze, 100 points or more

Well, on one hand I'd suggest site-to-site, using GRE tunnels so you get full routing etc.


OTOH, if it's across an MPLS link why do you need VPN?


Paul

mattiaseriksson Tue, 07/31/2007 - 01:51
User Badges:
  • Bronze, 100 points or more

If you don't need to run a dynamic routing protocol or use dynamic tunnels, you can use a standard L2L ipsec tunnel. Then you don't have the overhead of the GRE protocol.


A standard ipsec tunnel does not scale well, but it is easiest to configure and require less overhead.


If you want to support remote users, you could choose easy vpn instead.


Here is a very god comparison:


http://www.cisco.com/application/pdf/en/us/guest/products/ps7180/c1031/cdccont_0900aecd80582078.pdf


gautamzone Sat, 08/04/2007 - 03:23
User Badges:

Thanks a lot for the helpful suggesions here. So i infer that GRE with dynamic routing is a good solution to implement.


I will definitely try that out.


Thanks a lot

Gautam


Actions

This Discussion