I have the need to handle site-site VPN tunnels as well as VPN clients through a single VPN SM in my chassis. The Xauth and mode config client requirements conflict with the tunnel settings, so that the tunnels break whenever I add client config. The best way to handle this is with isakmp profiles, but my current SW does not support them, and it's not clear whether I can get a profile aware version in the SUP720/MSFC3 train yet. I was wondering if it would be possible to have 2 separate port/interface vlan pairs running through the SM, with separate crypto maps on each interface vlan. I would have to route the client and tunnel traffic accordingly. I think this will work, but none of the doc on the SM setup has more than one path through the SM. Any thoughts would be appreciated
MVPN is a standards-based feature that transmits IPv4 multicast traffic across an MPLS VPN cloud. MVPN on Catalyst 6500 series switches uses the existing PFC hardware support for IPv4 multicast traffic to forward multicast traffic over VPNs at wire speeds. MVPN adds support for IPv4 multicast traffic over Layer 3 IPv4 VPNs to the existing IPv4 unicast support.
MVPN routes and forwards multicast packets for each individual VPN routing and forwarding (VRF) instance, as well as transmitting the multicast packets through VPN tunnels across the service provider backbone.
MVPN is an alternative to IP-in-IP generic route encapsulation (GRE) tunnels. GRE tunnels are not a readily scalable solution and they are limited in the granularity they provide to customers.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...