11-03-2003 10:22 PM
Hi All,
we r ISP. we hav MPLS -VPN set up having GSR adn 6509. wants to go for Security auditing. need suggestions for security.
Thanks & Regards,
Ciscobuddy
11-04-2003 03:08 PM
MPLS VPN security was analysed by Miercom and independent body back in March 2001. You may want to use that report for your Security audit. You can access that report at http://www.miercom.com/dl.html?fid=20010330&type=report
You will need to register - it is Free
Cheers
Amrit
11-05-2003 09:30 PM
hi Amrit,
Thanks for ur reply. so many doubts regarding security auditing for MPLS VPN. can u suggest me good links so i can study. we r ISP.
Thanks & Regards,
Ciscobuddy
11-06-2003 12:25 AM
Hi Buddy,
Can anybody give me suggestions for following questions
1. how can we hide the Addressing structure of the MPLS core for outside the world
2. Can u put some security for CE-PE
interface. if yes then pls suggest me.
3. Cn we hide PE routers IP address from CE.? if yes then How? pls suggest.
4.is it possible that PE router should never accept unlabel packet from CE ?
%. Security for Fake Labels on CE-PE interface.
Please give me sugestion for abover questions
Thanks & Regards,
Ciscobuddy
11-06-2003 05:19 AM
To hide the ip structure use the no ip propate-ttl command. Labelled packets are not normally exchnaged between CE and PE, unless you are having a carrier's carrier configuration.
11-14-2003 02:23 AM
hi,
i hv 6509 configured as PE in that this command is not there. can u give me some more advise.
Thanks & REgards,
Ciscobuddy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide