I have a network design issue to solve and need some help. Current network uses ISL to trunk VLANs between two sites. Some encryption devices need to be installed that do not understand ISL (or BPDUs for that matter). I need to split the ISL, or tunnel it, so that the inside devices cannot see the L2 stuff but the end devices can still communicate. Any ideas?
Ordinarily, I would agree with you but the end Customer only wants the link segments encrypted. I am currently looking into 802.1Q tunneling. Is this usable on 2960 switches and are there any gotchas to watch out for? Topology is actually 4 switches and two links in a redundant loop between the sites. Keeping STP running would be nice (-:
I had to solve a very similar problem to yours, and the solution I came up with was to use L2TPv3 (Layer 2 Tunnelling Protocol) over IPsec. I used the same device (a pair of old 1700 series routers at each end) to create both the L2 tunnel and the IPsec tunnel, but in your case you are using a separate device to do the encryption. You just need to create the L2 tunnel between 2 devices which are on the unencrypted side at each end. You need to ensure that the 2 devices can route to each other.
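A sketch of the L2TPv3 pseudowire described in the reply above, written as an added example and not taken from the poster's routers. Interface names, the pseudowire-class name, the VC ID and all addresses (documentation ranges) are assumptions, as is the premise that the encryptors pass IP transparently so the two routers share a /30 across the encrypted link.

```cisco
! ===== Site A router (cleartext side of the site A encryptor) =====
! Constructed addressing: loopbacks 192.0.2.1 / 192.0.2.2, link 198.51.100.0/30
pseudowire-class L2TPV3-SITE
 encapsulation l2tpv3
 ip local interface Loopback0
!
interface Loopback0
 ip address 192.0.2.1 255.255.255.255
!
! Port facing the local switch: no IP address, received frames go into the tunnel.
! The VC ID (100) must be the same on both ends.
interface FastEthernet0/0
 no ip address
 xconnect 192.0.2.2 100 pw-class L2TPV3-SITE
!
! Port facing the encryptor. Only routed IP (the L2TPv3 packets) leaves here,
! so the encryptor never sees ISL or BPDU frames directly.
interface FastEthernet0/1
 ip address 198.51.100.1 255.255.255.252
!
! "The 2 devices can route to each other": reach the peer loopback via the link
ip route 192.0.2.2 255.255.255.255 198.51.100.2
!
! ===== Site B router (mirror image) =====
pseudowire-class L2TPV3-SITE
 encapsulation l2tpv3
 ip local interface Loopback0
!
interface Loopback0
 ip address 192.0.2.2 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 xconnect 192.0.2.1 100 pw-class L2TPV3-SITE
!
interface FastEthernet0/1
 ip address 198.51.100.2 255.255.255.252
!
ip route 192.0.2.1 255.255.255.255 198.51.100.1
```

The tunnel headers add to every frame, so check the MTU on the path through the encryptors before relying on full-size frames crossing the tunnel.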
This is actually a pretty cool feature. I didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk) only if a certain condition existed. This is exactly what conditional advertisement does.
I have a question: I bought a Cisco 887VA-k9 router and configured it with the configuration below.
If I connect it directly to my laptop on one of its ports, it works and everything is fine (the Internet connection + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.