Re: Scaling IPSec VPNs and Meshes ?

From: Neil J. McRae (neil@COLT.NET)
Date: Wed May 23 2001 - 03:41:04 EDT


Also, you may wish to look at TED; Cisco paints this as the solution
to this issue but I've no idea of deployment status in code etc.

Neil.

> > We are looking at deploying a Cisco IPSec VPN between a number
> > of our departments. However the problem is we do _not_ want to
> > terminate the peers on a central box. We want to create a partial
> > mesh and most likely a full mesh.
> >
> > The problem is the crypto peers: each time we add a new site
> > it means a huge pain in the ass creating all the new peers.
> > Is there any way around this?
> >
> > I know MPLS would be ideal for this but we are already running
> > MPLS but we are required to also have IPSec and can not
> > have a central termination for the peers.
>
> Short answer: there's no easy way out. Longer answer: check out the book called
> "MPLS and VPN Architectures". ;)
>
> Alternative solution - buy a pile of PIX firewalls, they supposedly have a
> nice GUI that will let you provision and configure your IPSec tunnels with
> clickity-clicks. ;) (You'll have to check on this, in terms of tunnel
> provisioning tools)
>
> SY,
> --
> CCNP, CCDP (R&S) Dmitri E. Kalintsev
> CDPlayer@irc Network Architect @ connect.com.au
> dek @ connect.com.au phone: +61 39 674 3913 fax: 251 3666
> http://-UNAVAIL- UIN:7150410 cell: +61 41 335 1634
>
>



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:38 EDT