Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
784
Views
0
Helpful
1
Replies

UC540 with FXO BGP support

Dfulgencio
Level 1
Level 1

‎12-28-2010 12:59 PM - edited ‎03-21-2019 03:27 AM

Hi,

I have a UC540 with FXS Small Business Pro router.  I'm trying to configure BGP but i can't.  The IOS doesn't support BGP,OSFP,ISIS or EIGRP protocols.

Here is the version of IOS i'm using:

Cisco IOS Software, UC500 Software (UC500-ADVIPSERVICESK9-M), Version 15.1(2)T2, RELEASE SOFTWARE (fc1).

Can somebody tell me if it is posible to install a IOS that let me configure BGP on this router?

Thanks a lot.

Labels:
0 Helpful
1 Reply 1

John Platts
Level 4
Level 4

‎12-28-2010 08:35 PM

The UC500 series does not support any dynamic routing protocols. Site-to-site VPNs can be configured using crypto maps or IPsec static virtual tunnel interfaces with static routing on the UC500 series.

Example of site-to-site VPN configured with an IPsec static virtual tunnel interface on the UC500 series:

crypto keyring S2S-Keyring
  pre-shared-key address 100.92.3.42 key s2sVPNkey1

!
crypto isakmp policy 1
encr aes 256
authentication pre-share
group 2
!
crypto isakmp policy 2
encr 3des
authentication pre-share
group 2
!

crypto isakmp profile S2S-KeyProfile

keyring S2S-Keyring

match identity address 100.92.3.42 255.255.255.255

!
crypto ipsec transform-set ESP_AES_SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP_3DES_SHA esp-3des esp-sha-hmac
!

crypto ipsec profile S2S-Tunnel
set transform-set ESP_AES_SHA ESP_3DES_SHA
set isakmp-profile S2S-KeyProfile
!

interface Tunnel0
ip unnumbered BVI1

! NOTE: For UC560 models, use tunnel source GigabitEthernet0/0 instead of

! tunnel source FastEthernet0/0 in the line below.
tunnel source FastEthernet0/0
tunnel destination 100.92.3.42
tunnel mode ipsec ipv4
tunnel protection ipsec profile S2S-Tunnel

!

! Use ip route to route traffic over the IPSec static virtual tunnel interface.

ip route 10.1.20.0 255.255.255.0 Tunnel0

ip route 10.2.20.0 255.255.255.252 Tunnel0

ip route 192.168.20.0 255.255.255.0 Tunnel0

Site-to-site VPNs using IPsec static virtual tunnel interfaces is not a new feature on UC500 features. The CCA multisite manager can configure site-to-site VPNs, but it currently uses a crypto map instead of a IPsec static virtual tunnel interface to do so. It is possible to do multi-subnet site-to-site VPNs between IOS-based endpoints without having to use GRE or dynamic routing, as illustrated in my example above. There have been enhancements made to IPsec VPN support in IOS 15.1T, but these enhancements are not yet supported in CCA.

CCA already does support Easy VPN server using dynamic virtual tunnel interfaces since the CCA 1.9 release. Support for site-to-site VPNs using IPsec static virtual tunnel interfaces, along with enhancements made in IOS 15.1T available on UC500 IOS images, should be added to future CCA releases. The crypto map approach will still continue to be supported for site-to-site VPNs configured in the multisite manager for backwards compatibility.

0 Helpful
Customers Also Viewed These Support Documents