[c-nsp] Replacing a 2611 with PIX 515E + PIX 7.2

Silly Questions mysillyquestions at gmail.com
Thu Aug 16 13:11:44 EDT 2007


Hi,
Thanks for the reply - I should have been more clear.  I don't have a 2821,
I only have a PIX 515E with 7.2 code on it.

On 8/16/07, Tolstykh, Andrew <ATolstykh at integrysgroup.com> wrote:
>
> Replace 2611 with 2821 (supports onboard IPSec hardware acceleration).
> Copy and paste configuration from the old router.
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Silly Questions
> Sent: Thursday, August 16, 2007 11:50 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Replacing a 2611 with PIX 515E + PIX 7.2
>
> Hello there,
>
> I have three IOS routers in different sites all interconnected via
> OSPF over GRE over IPSec. It's working perfectly. One of the routers
> at one of the sites is getting overloaded due to the IPSec, so I want
> to replace it with a PIX running 7.2 code.
>
> The PIX doesn't support GRE so I have to re-think how this is all
> setup and I'm looking for suggestions. I'm not sure if I should get
> rid of GRE across the board and just do OSPF over IPSec (I'm not sure
> if IOS can do straight OSPF over IPSec without a tunnel of some sort,
> but it appears PIX 7.2 can) or what my options are here.
>
> Any thoughts welcome.
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential
> and/or privileged material.  Any review, retransmission, dissemination or
> other use of, or taking of any action in reliance upon,
> this information by persons or entities other than the intended recipient
> is prohibited.   If you received this in error, please
> contact the sender and delete the material from any computer.
>
>


More information about the cisco-nsp mailing list