[c-nsp] Design - gre+ipsec+vpnsm+fwsm+vrf
Szilard Csordas
szilard.csordas at gmail.com
Thu Mar 8 13:19:56 EST 2007
Hello,
We are in a quite complex situation and as always we don't have a real
lab to test it.
We did the design on paper but I am not sure if it works.
65k, sup720+FW+vpn spa. Let's say it has 2 sides, left and the right.
If I terminate a GRE+IPSec tunnel (tunnel protection) on the right
side, I want the traffic to flow through the firewall module (routed
or transparant) and to push that traffic into the other GRE+IPsec
tunnel on the left side. Is that possible with one box or do I have to
split the functions to more devices.
To compicate matters further what happens if I want that Tunnel
interfaces to be in the VRFs (no mpls)?
Any advice is appreciated.
thanks,
Szilard
More information about the cisco-nsp
mailing list