Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cisco 1711, VPN and tunnels

Reply
Thread Tools

Cisco 1711, VPN and tunnels

 
 
Lars Christensen
Guest
Posts: n/a
 
      09-17-2004
Hi group...

I've got a task of configuring a couple of Cisco 1711 with VPN-card
build-in.

The setup is as follow:


LAN router WAN router LAN
+------+ +------+
-----| 1711 |---------| 1711 |-----
+------+ +------+

The WAN-connection has to be encrypted by DES3 at least.

That alone is a regular setup, described in the manuals.

However, my tricky questions are:

1. Is it possible to make the connection from LAN to LAN totally
transparent to the rest of the network, so that broadcasts, routing
updates and so on can occour as if it was a regular ethernet cable.

2. Is it possible to make the tunnel capable of transporting a MTU of
1500.


The WAN link is made of an FWA (Fixed Wireless Access) radiolink with
regular 10/100 Tx ethernet ports towards the routers.

Hope to hear from you guys...


- Cheers

Lars Christensen
 
Reply With Quote
 
 
 
 
PES
Guest
Posts: n/a
 
      09-17-2004

"Lars Christensen" <(E-Mail Removed)_maybe-for-you-to-know> wrote in message
news:Xns9567E47C1529Clarsperseusdkmaybefo@130.227. 3.84...
> Hi group...
>
> I've got a task of configuring a couple of Cisco 1711 with VPN-card
> build-in.
>
> The setup is as follow:
>
>
> LAN router WAN router LAN
> +------+ +------+
> -----| 1711 |---------| 1711 |-----
> +------+ +------+
>
> The WAN-connection has to be encrypted by DES3 at least.
>
> That alone is a regular setup, described in the manuals.
>
> However, my tricky questions are:
>
> 1. Is it possible to make the connection from LAN to LAN totally
> transparent to the rest of the network, so that broadcasts, routing
> updates and so on can occour as if it was a regular ethernet cable.


Ipsec will not natively forward any broadcasts or multicasts. However, if
you use gre (then encrypt the gre tunnel), you can do anything you could
normally do with a router interface. You could forward udp broadcast with
an ip helper and use multicast. I've not tried it, but I think you could do
an ip directed broad cast with ipsec.

>
> 2. Is it possible to make the tunnel capable of transporting a MTU of
> 1500.


No, not unless you are tunneling through something like tokenring.

>
>
> The WAN link is made of an FWA (Fixed Wireless Access) radiolink with
> regular 10/100 Tx ethernet ports towards the routers.
>
> Hope to hear from you guys...
>
>
> - Cheers
>
> Lars Christensen



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
One remote network - two VPN tunnels on cisco ASA mayureshjo Computer Support 0 03-06-2009 07:22 AM
Number of IKE Tunnels and IPSec Tunnels philbo30 Cisco 1 04-12-2007 02:16 AM
Tunnels accesing other tunnels on concentrator ljorg Cisco 0 11-22-2006 01:43 PM
cisco pix routing for tunnels and vpn jcharth@hotmail.com Cisco 1 06-06-2005 01:01 AM
pix holes for vpn and tunnels jcharth@hotmail.com Cisco 1 04-02-2005 02:04 AM



Advertisments