05-19-2007 08:34 AM - edited 03-03-2019 05:03 PM
Hi.
We have a client asking to do something I do NOT think is possible but I may be wrong. Two sites, NY and LA. BOTH are using the private block 10.10.10.X /24. They are currently NOT connected but will be via a 10Mb fiber link. Thus, layer two... They wish to ENCRYPT traffic across this "bridged" link... Has anybody done this before and / or is it even possible?? The goal is essentially to PROTECT the firm from the carrier providing the layer two fiber!! Ideas please!!!
05-19-2007 08:39 AM
Encryption won't work with bridging.
Once your customer uses two different IP subnets, you can encrypt traffic using IPsec.
Hope this helps, please rate post if it does!
05-19-2007 08:59 AM
Thank you. :) Would you know of 'any' way - even non-cisco - that will facilitate the easiest way to get this link encrypted? Just wondering?
:)
Thanks!
05-19-2007 10:39 AM
Hi,
Considering that a pair of cisco routers series 870, modestly priced, will provide encryption speed of 8 Mbps, I think that is the best way to do it. If you need to connect directly to the fiber, the price will be higher and you would need to mention here the physical access characteristics of the link.
Thanks for the nice rating and good luck!
05-19-2007 04:01 PM
But wait... I'm sorry... won't that mean that we will need to have a different subnet on both sides? Can we bridge?
05-19-2007 11:29 PM
Hi,
as consultant/vendor the best favor you can do to your customer is to convince him to renumber and help in the process.
All other hypothesis are kludges that will only generate complications and trouble.
Good luck!
05-20-2007 05:06 AM
You are 1000% correct!!! Believe me, I am trying! :) And, thank you so much for the URLs. I am going through them now. ;)
05-19-2007 06:16 PM
The feature you want is L2TPV3, it is layer 2 tunneling that supports IPSEC for encryption.
http://www.cisco.com/en/US/netsol/ns588/networking_solutions_white_paper09186a008017fa6e.shtml
http://www.cisco.com/en/US/products/sw/iosswrel/ps1829/products_feature_guide09186a00801039ae.html
Cheers,
Brian
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: