Router encryption translation capabilities?

Unanswered Question
Feb 6th, 2008
User Badges:

Not sure if this should be posted in this forum but it seems to be the best fit. (if anyone has a better idea I'll post there).

We have a client communicating to us over a VPN using IPSEC GRE tunneling on a 1700+ series router. They will not use any other kind of router or implement any other security protocols or allow us to install any equipment on their site. Our requirements are that all messages across our internal LAN must be encrypted. If we use a IPSEC router, the messages will come out the back into our LAN in the clear.

Can anyone please tell me if there is a router / firewall or any kind of device that will do encryption translation from IPSEC on the WAN to SSL on the LAN? I say SSL because our crypto devices can support this and at least the messages will get there in some kind of encrypted state.

Any help really appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
irisrios Tue, 02/12/2008 - 15:15
User Badges:
  • Silver, 250 points or more

Usually two sites involved will have either firewall or router which does authentication and encryption on their respective sides . These devices take care of encryption only between themselves. If you need encryption beyond this to internal LAN on their sides , you need to configure end hosts to support and negotiate for this.

cisco24x7 Wed, 02/13/2008 - 09:37
User Badges:
  • Silver, 250 points or more

Yes, run "ssh" inside the IPSec tunnel. That

will ensure all communications will be encrypted.

CCIE Security


This Discussion