Get VPN without Dedicated Key Server

Answered Question
Dec 2nd, 2009

Dear all,

We are planning to implement Get VPN in our organization and are collecting and placing pieces required to carryout Get VPN implementation. And I have a question regarding this.

Do we really need a dedicated Key Server? I mean I know that the Key Server cant be a group member but here is my question. I have a router which is configured for some Voice Features. And I dont want this to be a member of my Get VPN infrastructure (but it will be on the network and accessible at remote locations and offices). So can this router be configured as the Key Server and still perform other services like voice features or other stuff? I really need to know if this can work.

I would really appreciate a quick and exact answer as this forum is my last resort. Thanks in advance.

- Jay

I have this problem too.
0 votes
Correct Answer by kicharle about 6 years 12 months ago

Hi Jay

You definitely need a Key Server as that is router which is going to push the security polices to the Group members. But it can't be part of the IPSec connections i.e., not a Group member.

You can run other services and features on that router. But it should not affect the ISAKMP and GDOI traffic from the Group Members.

With regards

Kings

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
kicharle Wed, 12/02/2009 - 02:17

Hi Jay

You definitely need a Key Server as that is router which is going to push the security polices to the Group members. But it can't be part of the IPSec connections i.e., not a Group member.

You can run other services and features on that router. But it should not affect the ISAKMP and GDOI traffic from the Group Members.

With regards

Kings

Actions

This Discussion