[c-nsp] MPLS and IPSEC co-working
Andris Zarins
a.zarins at lattelecom.lv
Thu Aug 16 07:43:44 EDT 2007
> Hi,
>
> Network setup is pretty trivial - three routers running MPLS (LDP
> full-mesh) to support 20+ MPLS VPNs. Tricky part, is that customer is
> asking to secure that infrastructure by running IPSEC (3DES). As far
> as I know, I can not run LDP over Tunnel interfaces, and crypto-maps
> will not help also. Concept of running IPSEC between CPEs doesn't make
> sense, as there are no CPEs :(
>
>
> Question is - is VRF-Lite plus back-to-back connectivity, like option
> A for inter AS MPLS, the only viable option I have, or Im missing
> something and there are other, more scalable ways to do it?
>
>
> Thanks,
> Andris
> CCIE #17473
More information about the cisco-nsp
mailing list