I have three IOS routers in different sites all interconnected via OSPF over GRE over IPSec. It's working perfectly. One of the routers at one of the sites is getting overloaded due to the IPSec, so I want to replace it with a PIX running 7.2 code.
The PIX doesn't support GRE so I have to re-think how this is all setup and I'm looking for suggestions. I'm not sure if I should get rid of GRE across the board and just do OSPF over IPSec (I'm not sure if IOS can do straight OSPF over IPSec without a tunnel of some sort, but it appears PIX 7.2 can) or what my options are here.
you can monitor in Performance Monitor and describes supported software versions on those devices. The software versions that you can use on a device are limited in all cases by what can actually run on the device and are further limited in some cases by restrictions that Performance Monitor imposes. The router 2611 running 12.3(7)T can be replaced with 515E, 520, 525, 535 running software version 6.3(4), 7.0(x), or 7.1(x)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...