Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSEC VRF-AWARE

Hi All,

we recently bought a IPSec VPN SPA card for a 7606 (720 3bxl) and we want to implement the following service on the router.

We want to connect IPSEC VPN tunnels through the internet and based on their peer-id terminate traffic on the corresponting VRF.

I was looking through the configuration of IPSEC SPA, but all the examples have the outside interface belonging to a vrf and not the Internet Global routing table.

http://www.cisco.com/en/US/products/hw/routers/ps368/module_installation_and_configuration_guides_chapter09186a00804d3610.html

What we are really looking into is on our router, Internet routes run on global table and we want IPSECs to be forwarded to the customers vrfs (similar to vpdn)

2 REPLIES

Re: IPSEC VRF-AWARE

Hello,

the examples provide configs for your case as far as I understand. Take the example "VRF-Aware IPSec Configuration Example 1 (Basic Configuration)"

http://www.cisco.com/en/US/products/hw/routers/ps368/module_installation_and_configuration_guides_chapter09186a00804d3610.html#wp1246702

Here the outside interfaces to the internet is GigabitEthernet1/1, which belongs to the global routing table. GE2/1, GE2/2, VLAN100 and VLAN200 belong to customer VRFs.

Some of the examples are a little messed up with incomplete or irrelevant parts. So in brief: everything works fine, when you have the internet interfaces in global ip routing and the customers in VRFs.

Hope this helps! Please rate all posts.

Regards, Martin

New Member

Re: IPSEC VRF-AWARE

Hi Martin,

As you said, the configs are really messed up. Perhaps some drawings could help. The configuration I am looking for, is more clear in the scenario of a NON-7600 router (with-out any SPA cards) - (IOS 12.4): http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455b65.html

But I was looking for a complete scenario (beginning to end) on the 7600....

Thanks.

395
Views
0
Helpful
2
Replies
CreatePlease login to create content