Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Best Sol'n for P2P IPSEC w/ Cat6500 VPN SPA

Hi,

Can anyone tell me the best solution for IPSEC encryption over Point-to-point Ethernet link b/w two Cat6500 with VPN SPA? At first I though we could use VTI, but learned the hard way that VTI is not supported on Cat6500/Cisco7600 (if only we read the VTI SRND, it would've saved a bit of headache! :( ).

Thanks muchly for any pointers...

Cheers

2 REPLIES
Silver

Re: Best Sol'n for P2P IPSEC w/ Cat6500 VPN SPA

Payload Compression Protocol. This is a compression protocol supplied with the Cisco IOS software code on which the FWSM IPSec implementation is based. The FWSM does not support the PCP protocol.

Cisco Employee

Re: Best Sol'n for P2P IPSEC w/ Cat6500 VPN SPA

Michael,

Yes, you are correct. VTI is not supported in IPSEC VPN SPA on 6500. But, is supported on the 7600 with 12.2(33)SRA release. Please refer the below URL for details.

http://www.cisco.com/en/US/products/hw/routers/ps368/module_installation_and_configuration_guides_chapter09186a00804d35a6.html

In your case, if you want dynamic unicast or multicast routing protocols over the tunnel, then GRE Over IPSEC is the way. Configuration Guide in the below URL:

http://www.cisco.com/en/US/products/hw/switches/ps708/module_installation_and_configuration_guides_chapter09186a00805f3812.html#wp1130644

I hope it helps.

Regards,

Arul

136
Views
0
Helpful
2
Replies
CreatePlease to create content