I'm using a client to server application that utilizes too many dynamically assigned ports to make going through a customers firewall practical.
I am looking for a way of tunneling router to router (3640's, 12.2(1)D) in order to encapsulate the traffic and minimize the amount of ports required to open on the firewall. I actually benefit by having this not be encrypted but either way may be acceptable. does a non secure method of encapsulating/tunneling exist that might help here?
Yes, you can have a IPSec VPN tunnel which does not encrypt traffic. All you have to do is to specify the right transforms. If you use AH HMAC-MD5 or AH HMAC-SHA in the tunnel mode, you end up with a VPN that ensures Data integrity and data origin authentication and where data transfer is tunnled accross, ie the original packets are encapsulated by an new IP header.
Thanks for the info! I am actually trying to make due with what I have and my software set is only ip plus on the routers. I did find something on line about using the "interface tunnel XXXX" command to build a GRE tunnel.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...