Cisco 1711, VPN and tunnels

Discussion in 'Cisco' started by Lars Christensen, Sep 17, 2004.

  1. Hi group...

    I've got a task of configuring a couple of Cisco 1711 with VPN-card
    build-in.

    The setup is as follow:


    LAN router WAN router LAN
    +------+ +------+
    -----| 1711 |---------| 1711 |-----
    +------+ +------+

    The WAN-connection has to be encrypted by DES3 at least.

    That alone is a regular setup, described in the manuals.

    However, my tricky questions are:

    1. Is it possible to make the connection from LAN to LAN totally
    transparent to the rest of the network, so that broadcasts, routing
    updates and so on can occour as if it was a regular ethernet cable.

    2. Is it possible to make the tunnel capable of transporting a MTU of
    1500.


    The WAN link is made of an FWA (Fixed Wireless Access) radiolink with
    regular 10/100 Tx ethernet ports towards the routers.

    Hope to hear from you guys...


    - Cheers

    Lars Christensen
    Lars Christensen, Sep 17, 2004
    #1
    1. Advertising

  2. Lars Christensen

    PES Guest

    "Lars Christensen" <_maybe-for-you-to-know> wrote in message
    news:Xns9567E47C1529Clarsperseusdkmaybefo@130.227.3.84...
    > Hi group...
    >
    > I've got a task of configuring a couple of Cisco 1711 with VPN-card
    > build-in.
    >
    > The setup is as follow:
    >
    >
    > LAN router WAN router LAN
    > +------+ +------+
    > -----| 1711 |---------| 1711 |-----
    > +------+ +------+
    >
    > The WAN-connection has to be encrypted by DES3 at least.
    >
    > That alone is a regular setup, described in the manuals.
    >
    > However, my tricky questions are:
    >
    > 1. Is it possible to make the connection from LAN to LAN totally
    > transparent to the rest of the network, so that broadcasts, routing
    > updates and so on can occour as if it was a regular ethernet cable.


    Ipsec will not natively forward any broadcasts or multicasts. However, if
    you use gre (then encrypt the gre tunnel), you can do anything you could
    normally do with a router interface. You could forward udp broadcast with
    an ip helper and use multicast. I've not tried it, but I think you could do
    an ip directed broad cast with ipsec.

    >
    > 2. Is it possible to make the tunnel capable of transporting a MTU of
    > 1500.


    No, not unless you are tunneling through something like tokenring.

    >
    >
    > The WAN link is made of an FWA (Fixed Wireless Access) radiolink with
    > regular 10/100 Tx ethernet ports towards the routers.
    >
    > Hope to hear from you guys...
    >
    >
    > - Cheers
    >
    > Lars Christensen
    PES, Sep 17, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. dan
    Replies:
    0
    Views:
    1,377
  2. stephen
    Replies:
    6
    Views:
    3,895
    Hansang Bae
    Mar 19, 2005
  3. daniel
    Replies:
    2
    Views:
    3,664
    daniel
    Apr 11, 2005
  4. ljorg
    Replies:
    0
    Views:
    470
    ljorg
    Nov 22, 2006
  5. philbo30
    Replies:
    1
    Views:
    646
    Walter Roberson
    Apr 12, 2007
Loading...

Share This Page