09-06-2007 10:02 AM - edited 03-03-2019 06:38 PM
Can anyone point me to some information that details the legalities of creating a site-site IPsec VPN between the US and China? I need to do this and am not sure if I will be breaking any laws.
Also, I will be creating the VPN between an ASA5520 (US Side) and a Netscreen 25 (China) and a Netscreen 5GT(China), are there any interoperability issues to look out for here?
09-10-2007 06:07 AM
I am looking for the same information. If you have found anything please let me know. Also, I need to find a Cisco vendor in China (Shanghai). Has anyone worked with one and any thoughts on how the process works and more importantly how long it takes to get the products (router, switches, IP phones, etc)
09-11-2007 06:53 AM
Hi there.
In your situation, i would try to see first if it works at all. Because China is popular with communism's charge manner, there everything is filtered (most of internet content actually.Some people says that ~80% of internet content is filtered (including google)).So, if the protocols with number 50,51 (ESP,AH) are NOT filtered, i believe it is legal and will work without violate any law rules. In communism everything which is not allowed is prohibited by "default" :-) So try to establish IPSec connection to any point outside China, and you will find out the answer :)
Otherwise just consult your lawyer.
Kind Regards,
Danail Petrov
09-11-2007 07:26 AM
I have an ipsec site-to-site working in China (Shanghai) for 2 years now. Other than the 300ms delay it has been working. I did not have any problems with legalities at all, I just created it with the hardware that we bought in China.
09-11-2007 07:30 AM
Apparently, the NetScreen 25 is already in China. Also, when it comes to economic ties, it should be allowed.
Thanks.
09-11-2007 08:19 AM
Hi,
There are some countries that US imposed not only economic embargo but also technology embargo.
Devices that run technological advancement like VPN may be available in some countries (i.e. China) but may not come with all VPN encryption level.
I have configured PIX to Netscreen IPSEC 3DES S2S VPN - in which Netscreen is located in ShangHai. Also IPSEC 3DES S2s VPN between two Netscreen devices (one in ShangHai). A word of advice at the Netscreen config, use Policy base not Route base.
Best way is to get a global vendor with outlet in China (if possible in the city where you want to use it).
Regards,
Dandy
09-11-2007 08:22 AM
Can anyone suggest an ISP in Shanghai? What is involved with ordering this circuit and approximately how long does it take for the circuit to be installed? Any other suggestions for opening a Shanghai office would be appreciated (Cisco vendors, PRI circuits/equipment, etc)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide