DDR using KG-250 Encryptors

Unanswered Question
Sep 6th, 2008
User Badges:

I am creating a point to point link between one cetral site and one remote site utilizing ISDN until my organization can procure a dedicated leased line (E1). Now the planning requires putting 4BRI lines as a bundle (to use aggregate bandwidth of 512Kbps) for this primary link (4 bri's at the central site, and 4 at the remote site. I require the link to only come up when interesting traffic triggers the ISDN Line (we will have a VTC/V OsIP requirement max 2 hours per call). The equipment at the central site is 1 2811 (RED) router connected to a KG-250 IP encryptor then to another 2811 (Black) router and the same is true for the remote site with the ISDN link between the two "Black" routers. I am using a GRE tunnel on the "Red" side. I need a solution to keep the GRE tunnel and encryptors from passing fake "interesting" traffic which in turn prematurely activate the ISDN lines. My problem is of course allowing VOIP/VTC traffic on the "Red" side for my Dial-on-Demand routing. Suggestions???

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
drolemc Thu, 09/11/2008 - 11:40
User Badges:
  • Silver, 250 points or more

Traffic must be classified as "interesting" in the dialer list when doing encryption over a DDR link.Note: Compression does work in Cisco IOS Software Release 11.3, but it is not very userful for encrypted data. Because the encrypted data is fairly random-looking, compression only slows things down. But you can leave the feature on for non-encrypted traffic.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080094628.shtml#sam4

To check the configuration also

To configure Cisco Encryption Technology (CET) encryption with a GRE tunnel, you must configure encryption on the tunnel's interface.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800945dc.shtml


Actions

This Discussion