[c-nsp] bridging/L2TPv3 between PIX and 2821?

Tassos Chatzithomaoglou achatz at forthnet.gr
Sat Aug 30 04:59:52 EDT 2008


Justin,

Justin M. Streiner wrote on 30/08/2008 05:28:
> I have a client who has some legacy gear at a remote site that needs to 
> talk to other gear back at their main office.  Trick is, that the gear 
> is legacy enough that it has no concept of a default gateway, so all of 
> the legacy pieces need to be or functionally appear to be in the same 
> subnet.
> 
> The traffic between the sites needs to be encrypted, but since some of 
> the IP space on both ends would appear to be on te same subnet, getting 
> IPSEC to work would be problematic.
> 
> If I had routers at both locations, I could probably do this with an 
> L2TPv3 pseudowire, but there's a PIX involved, and I don't think it 
> knows L2TPv3 well enough to be able to let me pass a pseudowire through...
> 

L2TPv3 over IP uses ip protocol 115 (which can be changed with "ip protocol X" under the 
pseudowire-class), so i don't think there should any problem with PIX recognizing it.
Am i missing anything?


-- 
Tassos


> MPLS would be nice too, but that's not an option in this design.
> 
> Has anyone here tackled something like this before?
> 
> jms
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 


More information about the cisco-nsp mailing list