[nsp] questions on 4006, 6509 *SFC cards

From: K.A. Long (klong@UBmail.ubalt.edu)
Date: Wed Apr 17 2002 - 10:12:22 EDT


There is talk of implementing wireless nodes on campus.
I'm pretty new to the switch-style of networking
so I have a couple of questions. If this is totally
the wrong forum for this kind of question, I apologize
in advance.

Can a 4006 RSFC and 6509 MSFC support IPSEC and
GRE Tunnels for VPNs?

Can GRE tunnel IP's be virtual interfaces (like Loopback0)?
     and if so,
What is the maximum number of virtual interfaces that
can be configured on a 4006/6509 RSFC/MSFC?

Are secondary interface addresses more appropriate for
the IPSEC/GRE implementation?

Reasoning behind the questions: documentation says
having wireless traffic in their own vlan, on their own
subnet a good thing, and also that VPN's can add
security to a wireless network. IPSEc/GRE tunnels could
be implemented all the way to the firewall
(per some Cisco docs I found), if the 4006's and 6509
switches can be configured to support it. Is this a doable
solution? Utilizing existing equipment is probably our
only option.

I've read the SAFE docs, looked at the Tech Talk and
other wireless e-seminars. Also, scanned a bunch of documentation
that turned up when I searched on 'gre, 4006' and 'virtual
interfaces, rsfc'. I didn't find anything that answered
these particular questions. Any URL's, white papers, etc.
type pointers (also pointing out logic flaws) would be a
great help.

Thanks!

Kimberly Long

University of Baltimore
410-837-5021 (w)
1420 N. Charles St.
443-829-6535 (m)
Baltimore, MD 21201
klong@ubalt.edu
kim@pager.ubalt.edu
(subject-line e-mail only)



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:12 EDT