[c-nsp] Troubling IPSec issues with a 6500

[Gert Doering]

Hi,

On Wed, Sep 12, 2007 at 09:10:52AM -0400, Aaron Daubman wrote:
> I have a client that's run into some trouble with IPSec-over-GRE and
> I'm trying to help debug.  The problem sounds very familiar, however I
> haven't come up with a solution yet in my searches...
> 
> The basic setup is:
> 
> 7206(GigE)<------>(GigE)6500

Are you sure IPSEC on the 6500 is supported?

>From your description, this sounds as if
 
 - CPU switched traffic (locally generated) will use IPSEC
 - hardware-switched traffic will only do GRE (because the hardware knows
   how to do that).

As far as I understand the architecture, a basic 6500 won't do IPSEC...

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de