Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Multiple paths through VPN SM in 6500?

I have the need to handle site-site VPN tunnels as well as VPN clients through a single VPN SM in my chassis. The Xauth and mode config client requirements conflict with the tunnel settings, so that the tunnels break whenever I add client config. The best way to handle this is with isakmp profiles, but my current SW does not support them, and it's not clear whether I can get a profile aware version in the SUP720/MSFC3 train yet. I was wondering if it would be possible to have 2 separate port/interface vlan pairs running through the SM, with separate crypto maps on each interface vlan. I would have to route the client and tunnel traffic accordingly. I think this will work, but none of the doc on the SM setup has more than one path through the SM. Any thoughts would be appreciated

  • Other Security Subjects

Re: Multiple paths through VPN SM in 6500?

MVPN is a standards-based feature that transmits IPv4 multicast traffic across an MPLS VPN cloud. MVPN on Catalyst 6500 series switches uses the existing PFC hardware support for IPv4 multicast traffic to forward multicast traffic over VPNs at wire speeds. MVPN adds support for IPv4 multicast traffic over Layer 3 IPv4 VPNs to the existing IPv4 unicast support.

MVPN routes and forwards multicast packets for each individual VPN routing and forwarding (VRF) instance, as well as transmitting the multicast packets through VPN tunnels across the service provider backbone.

MVPN is an alternative to IP-in-IP generic route encapsulation (GRE) tunnels. GRE tunnels are not a readily scalable solution and they are limited in the granularity they provide to customers.

This widget could not be displayed.