Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

DLSw via VPN.

Hi all, I have inherited a network using DLSw and have limited experience. Previously all the traffic has been via TCP/2065 on Point to Point WAN or MPLS links through a PIX firewall. We have just started to test passing DLSw over IPSec VPN tunnels to a 3030 concentrator. In order for the peers to activate we have had to enable TCP/2067 on the PIX in addition to TCP/2065.

I have read a little about DLSw+ and rfc2166 but nothing is jumping out at me why the DLSw peers connect fine over the MPLS links through the PIX on tcp/2065 but when passing through the VPN tunnel to the PIX then TCP/2067 needs enabling.

Has anyone else had this issue/knows what is causing it?




Re: DLSw via VPN.

In the sample configuration in this document, there are two routers with data-link switching (DLSw) peers set up between their loopback interfaces. All DLSw traffic is encrypted between them. This configuration works for any self-generated traffic the router transmits.

New Member

Re: DLSw via VPN.

Thanks for the reply didyap, however, its not that actually configuration of DLSw that is causing us problems. It's just the knowledge needed as to why opening tcp/2067 is required on a vpn connection through our pix f/w but not on a normal MPLS connection going through the same f/w.

CreatePlease to create content