Hello, I am new to VPN. I need to establish a VPN between 2 locations, 1end is a 1602R w/IP/IPX/AT/IBM/FW PLUS IPSEC 56; other end is 2620 w/Enterprise/FW Plus IPsec 56. I need to pass IPX as well as IP. The 2620 is currently running IP NAT overload, along w/ a couple static mappings, and an IP access list w/several rules.
1. Will this equip./sofware handle VPN ? ( I think yes )
2. Will we see a dramatic slow-down ? ( Some, depending on # users )
3. How can I determine the amount of memory needed ?
4. Will NAT and IP security still function ?
My understanding of VPN is limited to "you need to establish an IPSec tunnel".
I am also not clear on the GRE for ipx traffic. I believe I'm trying to setup a 'router to router' tunnel and then configure the protocol ??
I don't mind reading and learning, but am I barking up the wrong tree ?
Okay, if you need to have IPX traffic tunnelled across your vpn, GRE tunnels are your only option. You don't have to encrypt the GRE tunnel, but if you do, you will need to create a crypto map that will encrypt all gre traffic from router a to router b, and then apply that crypto map to the relevant physical interface as well as the relevant logical (tunnel) interface. Becuase the GRE tunnel is an interface of sorts, you can have it as a nat outside/inside or not part of the nat arrangement at all. Configur ip and ipx on the tunnel interfaces to suit and you're done.
Thanks for the reply. I'm still not sure I have enough memory for the GRE/VPN application, and I'm really not clear on the tunnel setup. From your response, I gather that I will set up a GRE tunnel, and that the IPSec piece is the encryption. I'm also guessing that the tunnel is a logical interface, somewhat like a sub-interface. Any good docs you can point me to ?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...