Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

GETVPN Over MPLS VPN and L2VPN

Hi all,

i need to design a solution with MPLS L3 VPN and L2 VPN with Encryption. i am trying to understand if i can use getvpn. the same router will be MPLS router and GM router.

  1. for L3 VPN i saw i can implement getvpn crypto map on the vrf interface before the labaling - corret ?
  2. can i implement getvpn crypto man on xconnect interfce ? - this is an EoMPLS interface ?
  3. what are the restrictions with this kind of integration ?

thanks,

Avi

Everyone's tags (1)
5 REPLIES

GETVPN Over MPLS VPN and L2VPN

Hi Avi,

I would not recommend joining getvpn and mpls PE functions into singe device.

It will save you from an administrative nightmare if you have L2/L3 VPN terminated on PEs and encryption at CE boxes.

adam

adam
New Member

GETVPN Over MPLS VPN and L2VPN

OK,

i need to understand if i can deploy GETVPN on MPLS Traffic - meaning deploy GETVPN crypto map on the MLPS IP interface, or GETVPN can only be deply on IP Traffic ?

thanks,

Avi.

New Member

GETVPN Over MPLS VPN and L2VPN

Hi !

GetVPN encrypts only the payload of the traffic and leaves the headers intact. So L3 and L$4Information keeps visible.

Therefore you can use it over MPLS without any problems.

regards

alexander

New Member

GETVPN Over MPLS VPN and L2VPN

let me be more clear.

i want to encrypt PE-PE traffic which is MPLS Traffic. meaning, deploy encryption on the PE core facing interface. can i do it with GETVPN ?

Hall of Fame Super Silver

GETVPN Over MPLS VPN and L2VPN

Hello Avi,

>> deploy encryption on the PE core facing interface

This is not supported, the usual scenario is CE to CE encryption with PE nodes that are different nodes.

Also user facing interfaces with EoMPLS xconnect do not support encryption as they have no OSI L3 configuration.

Hope to help

Giuseppe


671
Views
0
Helpful
5
Replies
CreatePlease to create content