[c-nsp] MPLS and IPSEC co-working

Rodney Dunn rodunn at cisco.com
Thu Aug 16 07:53:55 EDT 2007


> 
> > Hi,
> > 
> > Network setup is pretty trivial - three routers running MPLS (LDP
> > full-mesh) to support 20+ MPLS VPNs. Tricky part, is that customer is
> > asking to secure that infrastructure by running IPSEC (3DES). As far
> > as I know, I can not run LDP over Tunnel interfaces, and crypto-maps
> > will not help also. Concept of running IPSEC between CPEs doesn't make
> > sense, as there are no CPEs :( 
> > 
> > 
> > Question is - is VRF-Lite plus back-to-back connectivity, like option
> > A for inter AS MPLS, the only viable option I have, or Im missing
> > something and there are other, more scalable ways to do it?

I think it is today.

Rodney

> > 
> > 
> > Thanks,
> > Andris
> > CCIE #17473
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list