GETVPN with ASR 1001 Design Question

Unanswered Question
Apr 30th, 2012

I've attached a quick visio for reference.  I'm designing a new Layer 2 WAN with 2 ASR routers, 2 3845's and 2 1941's and hoping to get some insight on a few questions. 

Obivously the goal is to follow best practices and have full redundancy on the network.  I know functionality wise I can place the Key servers on the WAN or behind a GM on the LAN, i'm just looking for some insight on what other folks think is the best plan.

My Questions are:

- Since I have a redundant link, should I place my Key servers on the LAN instead of the WAN so there is a secondary path for them to stay in synch if the L2 WAN goes down?

- If I want to encrypt traffic accross the P2P fiber link does it make more sense for the Key Server's to reside on the LAN instead of the WAN?

- If the provider is only handing off 1 ethernet connection at the Core site, and the key server will live on the WAN, how should I handle splitiing this connection to both the ASR and the Key Sever?  Should I use an external switch, or bridge interfaces on the ASR?  Or is this just another good reason to place the key server's on the LAN?

Thanks for the help.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)

Actions

Login or Register to take actions

This Discussion

Posted April 30, 2012 at 11:47 AM
Stats:
Replies:0 Avg. Rating:
Views:508 Votes:0
Shares:0
Tags: getvpn, wan, asr
+
Categories: Routers
+

Related Content

Discussions Leaderboard