Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
243
Views
0
Helpful
2
Replies

Router encryption translation capabilities?

Cassipidea
Level 1
Level 1

‎02-06-2008 09:05 PM

Not sure if this should be posted in this forum but it seems to be the best fit. (if anyone has a better idea I'll post there).

We have a client communicating to us over a VPN using IPSEC GRE tunneling on a 1700+ series router. They will not use any other kind of router or implement any other security protocols or allow us to install any equipment on their site. Our requirements are that all messages across our internal LAN must be encrypted. If we use a IPSEC router, the messages will come out the back into our LAN in the clear.

Can anyone please tell me if there is a router / firewall or any kind of device that will do encryption translation from IPSEC on the WAN to SSL on the LAN? I say SSL because our crypto devices can support this and at least the messages will get there in some kind of encrypted state.

Any help really appreciated.

Labels:
0 Helpful
2 Replies 2

irisrios
Level 6
Level 6

‎02-12-2008 03:15 PM

Usually two sites involved will have either firewall or router which does authentication and encryption on their respective sides . These devices take care of encryption only between themselves. If you need encryption beyond this to internal LAN on their sides , you need to configure end hosts to support and negotiate for this.

0 Helpful

cisco24x7
Level 6
Level 6
In response to irisrios

‎02-13-2008 09:37 AM

Yes, run "ssh" inside the IPSec tunnel. That

will ensure all communications will be encrypted.

CCIE Security

0 Helpful
Customers Also Viewed These Support Documents