Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

unsecured tunneling

I'm using a client to server application that utilizes too many dynamically assigned ports to make going through a customers firewall practical.

I am looking for a way of tunneling router to router (3640's, 12.2(1)D) in order to encapsulate the traffic and minimize the amount of ports required to open on the firewall. I actually benefit by having this not be encrypted but either way may be acceptable. does a non secure method of encapsulating/tunneling exist that might help here?


Re: unsecured tunneling

Yes, you can have a IPSec VPN tunnel which does not encrypt traffic. All you have to do is to specify the right transforms. If you use AH HMAC-MD5 or AH HMAC-SHA in the tunnel mode, you end up with a VPN that ensures Data integrity and data origin authentication and where data transfer is tunnled accross, ie the original packets are encapsulated by an new IP header.

New Member

Re: unsecured tunneling

Thanks for the info! I am actually trying to make due with what I have and my software set is only ip plus on the routers. I did find something on line about using the "interface tunnel XXXX" command to build a GRE tunnel.

I have yet to try it but it looks promising