Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPsec VPN and loopback interface etc......

Hi all,

We are trying to setup a bulk SMS system to transmit SMSs.

I have to setup a connection with the service provider.

We have been told we need to use VPN over our link. We are connecting our sites through ATM since we both have ATM.

Here it the confusing part of the whole thing.

I have never setup VPNs but from other examples i have seen its quite straight forward. Well...it was until i had talk with the service provider engineer.

First of all, i was given a private IP of subnetted class A to use on my subinterface.

When i talked to the engineer he said i need to have 2 public IPs set up.

I have discussed with him and the outcome is this (even though he could not give me technical reasons for doing so ) :

I am going to use a subnetted class A IP on my ATM Subinterface.

Then he mentioned something about using one of the Public IPs on my loopback interface. And then he said i will use NAT with the second Public IP.

I have tried to get some sense for all these, but he could not help me. Maybe he was giving me general instructions of how they set this up. I require more technical reasons to back up the loopback with Public IP and the use of another NATed public IP.

Can some one give me example of what teh loopback interface is and what exactly is it used for in a VPN. Does his setup make sense ????

Please help me....if you need more claryfying for my situation please let me know.

Hope you can help ,

George

2 REPLIES
Bronze

Re: IPsec VPN and loopback interface etc......

AFAIK the loopback interface is being defined in this case so that the tunnel will be in the up state even if the interface goes down due to a physical or data link layer failure.

The setup you describe seems to be a round about way of going around things (I belive in keeping it simple) but Im sure your provider has a good reason for doing it (probably) and their engineer would be the best person to explain the rationale behind using such a setup.

HTH

Please rate posts that help

Regards

Arvind

Bronze

Re: IPsec VPN and loopback interface etc......

Hello,

are the routers at both your endpoints managed by that same ISP ? If so, I can imagine that the ISP uses those public loopback addresses for their own management.

IMHO, if the engineer is not able to explain why things are done that way, he (or she) is probably reading that information off some script, without understanding him (or her)self what is meant. Who is your provider, and what country are you in ?

Regards,

Nethelper

147
Views
0
Helpful
2
Replies
CreatePlease login to create content