[c-nsp] MPLS and IPSEC co-working
Rodney Dunn
rodunn at cisco.com
Thu Aug 16 07:53:55 EDT 2007
>
> > Hi,
> >
> > Network setup is pretty trivial - three routers running MPLS (LDP
> > full-mesh) to support 20+ MPLS VPNs. Tricky part, is that customer is
> > asking to secure that infrastructure by running IPSEC (3DES). As far
> > as I know, I can not run LDP over Tunnel interfaces, and crypto-maps
> > will not help also. Concept of running IPSEC between CPEs doesn't make
> > sense, as there are no CPEs :(
> >
> >
> > Question is - is VRF-Lite plus back-to-back connectivity, like option
> > A for inter AS MPLS, the only viable option I have, or Im missing
> > something and there are other, more scalable ways to do it?
I think it is today.
Rodney
> >
> >
> > Thanks,
> > Andris
> > CCIE #17473
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list