Cisco 3000 concentrator and VLAN design question

Discussion in 'Cisco' started by Rob, May 13, 2004.

  1. Rob

    Rob Guest

    I need to design a system where I can create multiple IPSEC VPN's to
    different customers, each of them going to a seperate VLAN on a
    switch. None of the customers should be able to "see" each other, or
    route to each other, which is why I think VLAN's.

    The idea is bring in a single T1 to the Internet with whatever amount
    of public IP's I need.
    2610 router --> VPN 3000 --> Some 3550 switch --> VLAN's per each
    group of ports.

    * So ports 1-8 may be VLAN 1 with the customer 1 servers, ports 9-16
    VLAN 2 for customer 2, etc. They will be site-to-site VPN's, not
    client based. Each customer will have their own private IP needs
    seperate from everybody else, including my own equipment, when they
    drop off the VPN on my side.

    I've worked on the 3000 concentrators in the past, but not lately, and
    I don't know if improvements in functionality have happened.

    Does the 3000 concentrator support 802.1Q trunking so I can setup per
    VPN - per VLAN networks?

    If not, what is the preferred method to achieve my objectives? Is
    there another router needed in the picture on the inside of the 3000,
    or perhaps a L3 capable switch? How would you do it?

    Rob, May 13, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.