Encrypt all the packet (including the header) issue

Unanswered Question
May 30th, 2009


In th HQ, I have a Cisco router connected to a security equipment (Crypto AG) that encrypt all the packet (including the header), the security equipment is connected to another Cisco router which is connected to IP/MPLS or Frame Relay Provider.


In the branch office, I have the same architecture.

Is there any why to make this architecture work (can ping from the 1st router in HQ to second router in branch office) ?

I was told that we can use PAD (packet assembler/disassembler) to communicate between the 2 routers in the same site

any advice will be helpfull.

thanks in advance.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smalkeric Thu, 06/04/2009 - 11:23

You can create Frame Relay connections using one of the following hardware configurations:

•Routers and access servers connected directly to the Frame Relay switch

•Routers and access servers connected directly to a channel service unit/digital service unit (CSU/DSU), which then connects to a remote Frame Relay switch

Routers can connect to Frame Relay networks either by direct connection to a Frame Relay switch or through CSU/DSUs. However, a single router interface configured for Frame Relay can be configured for only one of these methods.


b_lamine81 Thu, 06/04/2009 - 12:32


many thanks for your reply.

the problem is that the Security device works in Layer 1, it encrypt all the packet including the L2, L3 header, which means that the cisco router doesn't know how to forward the packets received from it's connection with the security device to the other side.




This Discussion