I have 2 1gb wan ethernet pipes coming into our new building. Our ISP has brought both connections in on the same (vlan) on their end (non internet). I basically need this setup so I get the best performance out of the 2 1gb connections. The provider said they won't port channel to me. So if I use the below configuration how will it treat the 2 switchport wan connections. Will spanning tree block one port and forward out the other. I am trying to figure out how to load-balance the 2 wan connections through a DMVPN SPA VPN (This site would be the hub of a DMVPN environment). The 2 Gigabit interfaces would be my wan connections. (G1/2, G1/1). Will a bridge group work with the spa vpn adapter. I know they have alot of limitations.
vlan 101 name Centurylink_connection_layer2 exit
interface GigabitEthernet1/2 desc **centurylink link 1 1gb** ! switch outside port switchport switchport access vlan 101 switchport mode access ! interface GigabitEthernet1/1 desc **centurylink link 2 1gb** ! switch outside port switchport switchport access vlan 101 switchport mode access !
interface Vlan100 desc **Wan Ethernet IP interface Layer 3*** ! interface VLAN ip address 172.19.247.130 255.255.255.128 crypto engine slot 2/0
! interface Vlan101 desc **Connects multiple switch ports to spa vpn adapter to 1 ip address** ! port VLAN no ip address crypto connect vlan 100
interface Tunnel2 description ***mGRE DMVPN Enhanced Ethernet Interface *** ip address 172.19.254.129 255.255.255.128 no ip redirects ip mtu 1400 ip flow ingress ip nhrp authentication xxxxx
ip nhrp map multicast dynamic ip nhrp network-id 40000 no ip split-horizon eigrp 9
Re: SPA VPN DMVPN with multiple wan ethernet links
We have to encrypt every packet on our network. (dang FBI mandates). I really would like to bundle or channel the to links (layer 2 solution) and use a vlan interface for the IP, and to maximize the 2 connections. Not just a failover connection. Software code is 12.2.33SXI3.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...