Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

vtp over encrypted links


I have the unenviable scenario of being forced to use encryption on the links between switches. They will be point-to-point gigabit links via SFP/GBIC adapters. (I know encryption shouldn't be necessary on a point-to-point topology, but it's been decided from so high it needs oxygen, and is totally unarguable).

They are going to be 3750's, so as a last resort, I'll have to muck about with subnets on a per-switch basis, and configuring DHCP helper to match. However I'd rather keep it as vanilla a switch fabric as possible so site engineers can do a more rapid swap-out if required.

What I'd like to do is configure encryption between the switches while using either dot1q or ISL to carry VTP.

Has anyone ever done this? Is there a native layer-2 encryption process I can use?

All tips most welcome, and thanks in advance.

New Member

Re: vtp over encrypted links

Many people have proposed I use MD5 encryption via EIGRP - whilst this would solve the Gigabit encryption issue, it wouldn't immediately solve the VTP transport issue as it would be a L3 solution.

Does anyone know if, for instance, I configured a 10-net to create the L3 links for the above, I could do any form of tunneling to preserve the L2 traffic?