Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSec ttermination on VRF interface

Hi

I'm wondering if it's possible to terminate an IPSec connection on a vrf interface. I've already read the documentation about VRF aware IPSec, but in that case, a few IPSec connection over the internet are split afterwards into different MPLS VPN's.

In my case it's really just building a IPSec connection from one vrf interface on a router to another interface in the same vrf on another router....

any ideas?

cheers patrick

2 REPLIES
Hall of Fame Super Silver

Re: IPSec ttermination on VRF interface

Hello Patrick,

depending on the ios release and platforms you can do it.

Using C7206 and C3725 and C3745 with advanced enterprise image we were able to implement in a lab environment a Dynamic multipoint VPN in a Carrier Supporting Carrier context.

There also some Ask the expert about network managed services that are focused on the C7600 platform.

And presentations about DMVPN in Networkers sessions are good.

There are some notes:

DMVPN combines IPSec with multipoint GRE and using NHRP (Next Hop Resolution Protocol developed for ATM environments) allows for scalability and easy of maintenance of networks.

IPsec VRF aware, as you correctly point out, is a way to interconnect some remote branches via internet to an enterprise network served by an MPLS service provider

hope to help

giuseppe

New Member

Re: IPSec ttermination on VRF interface

Hi Giuseppe....

Thanks for your replay. Was helpful. I also found some information about a feature introduced in release 13.3(7)T -> IPSec Virtual Tunnel Interface.

Would also be a nice solution to terminate different IPSec connections on different VRF's.

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455b00.html

cheers

patrick

163
Views
0
Helpful
2
Replies
CreatePlease login to create content