Re: [nsp] Terminating IPSec tunnel inside VRF

From: Dmitri Kalintsev (dek@hades.uz)
Date: Thu Mar 29 2001 - 00:57:03 EST

Next message: eric chan: "[nsp] fastethernet channel problem"
Previous message: Dmitri Kalintsev: "Re: [nsp] Terminating L2TP tunnel inside VRF"
In reply to: Dmitri Kalintsev: "Re: [nsp] Terminating IPSec tunnel inside VRF"
Next in thread: Dmitri Kalintsev: "Re: [nsp] Terminating L2TP tunnel inside VRF"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Seems that I got it quite right. By the way, is IPSec compatible with this
config, i.e. can I combine L2TP with IPSec in this context?

On Thu, Mar 29, 2001 at 07:35:34AM +0200, Dmitri Kalintsev wrote:
> Update:
>
> Will this construction work?
>
> vpdn-group 1
> accept dialin l2tp virtual-template 1 remote rtp_tunnel
> local name ABCDE
> !
> interface Virtual-Template1
> ip vrf forwarding VPN1
> ip unnumbered FastEthernet0/0.10
> no ip directed-broadcast
> peer default ip address pool default
> ppp authentication chap
> !
> interface FastEthernet0/0.10
> encapsulation dot1q 10
> ip vrf forvarding VPN1
> ip address 10.0.0.1 255.255.255.0
> !
>
> On Thu, Mar 29, 2001 at 07:15:41AM +0200, Dmitri Kalintsev wrote:
> > Hello good people,
> >
> > I've a question: is termination of L2TP tunnel inside VRF is possible?
> > Consider L2TP tunnel initiated from inside of non-MPLS enabled cloud. If it
> > is, what is a good place to check out possible solutions and/or config
> > examples?
> >
> > What I need is this: imagine non-MPLS enabled cloud, and on one side of the
> > cloud is access server, say 5300. On other end of the cloud is 7200 router,
> > which is running MPLS, and which is MPLS cloud edge router. What I need is
> > to enable dial-up client to dial into 5300, which will build L2TP tunnel
> > into 7200, particularily into one of its VRFs, and start PPP session with
> > client in such way, that client's traffic will go into VRF.
> >
> > Any pointers are appreciated. (Sorry if I'm talking rubbish, I seem to think
> > this isn't gonna work, but I've been told by one of local cisco guys that it
> > will and I'm too sick now to analyze all factors and deduct it myself).
> >
> > Thanks,
> > --
> > CCNP, CCDP (R&S) Dmitri E. Kalintsev
> > CDPlayer@irc Network Architect @ connect.com.au
> > dek @ connect.com.au phone: +61 39 674 3913 fax: 251 3666
> > http://-UNAVAIL- UIN:7150410 cell: +61 41 335 1634
> >
> ---end quoted text---
>
> --
> CCNP, CCDP (R&S) Dmitri E. Kalintsev
> CDPlayer@irc Network Architect @ connect.com.au
> dek @ connect.com.au phone: +61 39 674 3913 fax: 251 3666
> http://-UNAVAIL- UIN:7150410 cell: +61 41 335 1634
>
---end quoted text---

-- 
 CCNP, CCDP (R&S)                          Dmitri E. Kalintsev
 CDPlayer@irc               Network Architect @ connect.com.au
 dek @ connect.com.au     phone: +61 39 674 3913 fax: 251 3666
 http://-UNAVAIL-         UIN:7150410    cell: +61 41 335 1634

Next message: eric chan: "[nsp] fastethernet channel problem"
Previous message: Dmitri Kalintsev: "Re: [nsp] Terminating L2TP tunnel inside VRF"
In reply to: Dmitri Kalintsev: "Re: [nsp] Terminating IPSec tunnel inside VRF"
Next in thread: Dmitri Kalintsev: "Re: [nsp] Terminating L2TP tunnel inside VRF"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:34 EDT