[c-nsp] MPLS and IPSEC co-working
Andris Zarins
a.zarins at lattelecom.lv
Thu Aug 16 07:59:59 EDT 2007
Thanks for quick reply ;)
If its not top-secret, are there any plans to address this issue in near
future?
A
-----Original Message-----
From: Rodney Dunn [mailto:rodunn at cisco.com]
Sent: Thursday, August 16, 2007 2:54 PM
To: Andris Zarins
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] MPLS and IPSEC co-working
>
> > Hi,
> >
> > Network setup is pretty trivial - three routers running MPLS (LDP
> > full-mesh) to support 20+ MPLS VPNs. Tricky part, is that customer
> > is asking to secure that infrastructure by running IPSEC (3DES). As
> > far as I know, I can not run LDP over Tunnel interfaces, and
> > crypto-maps will not help also. Concept of running IPSEC between
> > CPEs doesn't make sense, as there are no CPEs :(
> >
> >
> > Question is - is VRF-Lite plus back-to-back connectivity, like
> > option A for inter AS MPLS, the only viable option I have, or Im
> > missing something and there are other, more scalable ways to do it?
I think it is today.
Rodney
> >
> >
> > Thanks,
> > Andris
> > CCIE #17473
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list