Can you terminate multiple IPSec tunnels between the same 2 peer endpoints?

Unanswered Question
Feb 16th, 2010

Hi All.


I am trying to terminate 2 different VRF aware IPSec tunnels between the same pair of public IP peering points.

This is in IOS (on Cisco 2811s).

Each tunnel will have a different VRF & different PSK, but everything else will be the same.

Is this possible?


Thanks,

Jon.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Federico Coto F... Tue, 02/16/2010 - 06:43

Hi,


What kind of configuration are you trying to accomplish?


Each vrf will have static routes or would you run an IGP?


Federico.

jjdennis1 Tue, 02/16/2010 - 06:48

Hello.


Normally we run OSPF, and then redistribute into MP-BGP at the PE.

But I can run static routing.

Does this have an impact?


Cheers,

Jon.

Federico Coto F... Tue, 02/16/2010 - 09:53

No impact, just asking because in plain IPsec tunnels you can't run dynamic routing protocols.


Have you tested yet the scenario?


Federico.

jjdennis1 Wed, 02/17/2010 - 08:41

Hey.


Well, these are IPSec tunnels dropped into a VRF (1 vrf per tunnel) so we can do whatever routing we like....

I haven't tested it yet, was just being lazy to see if I could get away without testing! ;-)

Will test 2mor on good old Dynagen and post the results.


Cheers.

Actions

This Discussion