Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Centralized management/configuration systems

Hello,

Can i have a quick briefing on any carrier-class centralized management/configuration system, that automates the configuration process for MPLS L3, L2VPNs, VPLS, IPTV, VoIP, gaming ... etc

I read about the SCE but it doesn't seem to help on the MPLS VPN services, do i need the SCE plus an additional system like Cisco Works or is there an integrated solution for all that?

Thank you.

1 REPLY
Silver

Re: Centralized management/configuration systems

Here is brief description on why VPN through NAT/PAT doesn't work and the pix ver 6.3 Q1-03 will have a fix for this NAT transparency (IETF UDP-based) In certain cases, NAT or Port Address Translation (PAT) may interfere with the VPN connection process. For example, a consultant working at a client company may need VPN access to the consultancy network through the client's Internet gateway. If, as with most private LANs, the client company gateway uses NAT or PAT at the firewall, the client will need a protocol that uses port numbers, such as TCP or UDP. IPsec does not use port numbers. The consultancy network administrator can configure the VPN concentrator to tell the consultant's PC to apply a UDP header between the IP encapsulation header and the Encryption Security Protocol (ESP) 50 header. (ESP is a set of IETF-standard encryption and packet authentication services per RFC 2406.) When packets leave the consultant's PC and pass through the client company firewall, NAT or PAT translates based on the new UDP header. The new UDP header is stripped at the VPN concentrator along with the IP encapsulation header and the ESP 50 header.

118
Views
0
Helpful
1
Replies