I have a 3030 concentrator, is it possible to set different tunnels to have different VLAN tags, eg a sales person coming in will be tagged with the correct VLAN for sales and so will not be able to see the marketing resources, BUT a marketing person coming in will be tagged as such and will not be able to see the sales resources but will have access to the marketing ones?
You can't do 802.1q over a VPN because the 802.1q tags that are in each Ethernet frame, are only relevent on trunk links between switches. The connection between your switch and your VPN device will not be a trunk, therfore there is no 802.1q tags on these frames.
I don't belive there are any VPN devices that support extending 802.1q VLANs across a VPN. I could be wrong, of course...
Sorry, you guys seem to have misunderstood my problem. I do not want to transport the tags through the VPN; as far as I know this is impossible with an IPSec tunnel and MPLS although a nice idea is not practical for users dialling in via the PSTN from anywhere in the world through non-predefined POPs.
My aim is to have employees connect through to the Internet via a local ISP (or using GRIC) and then VPN to my concentrator. Once they have made this connection I then want to tag the packets with the relevant VLAN tag. I know this is possible by using a 5000 series concentrator but the 3000 series requires some slightly more creative design work.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :