07-29-2007 06:40 AM - edited 02-21-2020 03:11 PM
Hi friends,
I have 2 Cisco 3845 HSEC routers with AIM-VPN-SSL3 modules in them. One router has been installed in a data center and the other router has been installed in the HQ. The DC and the HQ have been connected by a 4 Mb MPLS link.
Since these routers have an AIM module, i am contemplating on setting up VPN between these routers. Which VPN is recommended in this setup? A site to site VPN or an Easy VPN or a Get VPN or some other option?
Please suggest
Thanks a lot
Gautam
07-30-2007 03:50 PM
Well, on one hand I'd suggest site-to-site, using GRE tunnels so you get full routing etc.
OTOH, if it's across an MPLS link why do you need VPN?
Paul
07-31-2007 01:51 AM
If you don't need to run a dynamic routing protocol or use dynamic tunnels, you can use a standard L2L ipsec tunnel. Then you don't have the overhead of the GRE protocol.
A standard ipsec tunnel does not scale well, but it is easiest to configure and require less overhead.
If you want to support remote users, you could choose easy vpn instead.
Here is a very god comparison:
http://www.cisco.com/application/pdf/en/us/guest/products/ps7180/c1031/cdccont_0900aecd80582078.pdf
08-04-2007 03:23 AM
Thanks a lot for the helpful suggesions here. So i infer that GRE with dynamic routing is a good solution to implement.
I will definitely try that out.
Thanks a lot
Gautam
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: