Catalyst 6500 L2 over IPSEc

Unanswered Question
Jan 26th, 2010

Is catalyst 6500 supports L2TPv3 over IPSEC in combination with  VPN Services Port Adapter (VSPA) ?

Is catalyst 6500 supports VPLS over IPSEC in combination with  VPN Services Port Adapter (VSPA) ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Idan Grinshpon Tue, 01/26/2010 - 23:28


Can you describe the traffic flow, please? When IPSEC encapsulation of GRE tunnel performed & how "GRE encapsulated traffic" redirected to VSPA  from SIP-400/600??

Edison Ortiz Wed, 01/27/2010 - 08:37

The VPN SPA will take care of any IPSec related services hence removing this load from the CPU or any other ASIC on the switch.

The SIP400 with a GigaSPA will take care of the physical traffic leaving the switch.

I highly suggest you become familiar with the hardware and configuration so please read the documentation:

Idan Grinshpon Wed, 01/27/2010 - 08:58


Where encapsulation of MPLS traffic to GRE tunnel performed? On VSPA or GigaSpa ?

If the answer "On VSPA" - so the output of VSPA is regular IP packet (non MPLS) so why I need GigaSpa WAN card, can't i use LAN card (like 6748) ???

Or you mean that the MPLS packet encapsulated in GRE tunnel on GigaSpa and then IPSEC encapsulated on VSPA ??

Edison Ortiz Wed, 01/27/2010 - 09:05

MPLS is performed on the GigaSPA.

You can use a regular line card as the one you mentioned but it won't support VPLS

And before you ask, EoMPLS over GRE is not supported on 6500.


This Discussion