06-22-2010 02:32 AM - edited 03-06-2019 11:41 AM
Hi all Expert ..;-)
Need ur urgent help...
I have to configure a L2TP between two 6500 switch. Need configuration and confirmation that it work..
WS-C6509 is running with 72033-advipservicesk9_wan-mz.122-18.SXF17.bin
I would realy appriciate if som1 can giv me solution..
Regards
amar
Solved! Go to Solution.
07-04-2010 04:54 AM
Hello Amar,
I don't see a way to achieve encryption in your current setup without adding expensive boxes
However, fiber based links are inherently secure that is that they cannot be sniffed by simply putting something near the fibers.
For this reason some networks are built with fiber to the PC instead of using RJ45.
Try to report this to your management, for a few days you should be able to afford the use of the fiber link without encryption.
Hope to help
Giuseppe
06-22-2010 04:20 AM
Hi
For L2TP , Please refer the document.
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html
Regrads
Chetan Kumar
06-22-2010 06:01 AM
Hello Amar,
when wondering if a feature is supported on a device you can use feature navigator
Search by feature
if you are interested in L2TPv3 for transport services
L2TPv2 = L2TP is used in broadband access
according to feature navigator L2TPv3 is supported on C7600 with sup720 and MSFC3 for example on:
SERVICES
c7600s72033-advipservices-mz.122-33.SRC4.bin
on your image you should be able to run EoMPLS that is pseudowire with enc mpls I've checked on one device
see
router(config)#pseudowire-class pippo
router(config-pw-class)#enc ?
mpls Use MPLS encapsulation
router(config-pw-class)#enc mpls ?
sh ver | inc image
System image file is "disk0:s72033-advipservicesk9_wan-mz.122-18.SXF17a.bin"
if you don't see encapsulation l2tpv3 it is not supported
Hope to help
Giuseppe
06-30-2010 05:24 AM
Hi,
I have configured the L2tp on l2 trunk between 6509, (sup720 msfc3) and able to pass all the traffic...
these two switches are in two diffrent location...My query is that, can we do any encryption on it..
interface GigabitEthernet1/7
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
spanning-tree bpdufilter enable
end
Thanks
Amar...
06-30-2010 06:04 AM
Hello Amar,
without an hardware module that provides encryption the answer is negative.
You would need a SIP linecard and to install an IPSec VPN SPA over it
see
But I'm not sure it would be enough, it may work with an ES linecard + the IPSEC VPN SPA in a SIP linecard (not a sip 600)
Hope to help
Giuseppe
07-03-2010 12:59 PM
Hi,
actually i an extending the data center LAN to a new location and later the old data center will be shut and same WAN IP will be assigned on similler set of WAN routers at new data center..
these location is seprated by 10 KM and 2 GB link terminated between them..
Idea was to avoid any downtime during movement of all links, routers server to new datacenter..
now with the help of l2 trunk i am able to extend my LAN and setting all servers at new location...
but the concern is that communication between these data center(L2 link between these 6500 switches) should be encrypted...
Since the data is huge and an encryption box is very costly which is just required for few days till data center is operational..
wondering how can I secure the data flowing between these switches..!!!
Regards
amar
07-03-2010 01:02 PM
Also want to add that, since it is LAN extention, I cant have l3 link between these switches, so cant have an l3 ipsec...
07-04-2010 04:54 AM
Hello Amar,
I don't see a way to achieve encryption in your current setup without adding expensive boxes
However, fiber based links are inherently secure that is that they cannot be sniffed by simply putting something near the fibers.
For this reason some networks are built with fiber to the PC instead of using RJ45.
Try to report this to your management, for a few days you should be able to afford the use of the fiber link without encryption.
Hope to help
Giuseppe
07-04-2010 06:29 AM
Thanks Giuseppe....for clearing my doubts.. All the info were very helpful..I realy appreciate...
Regards
Amar..
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: