[c-nsp] bridging/L2TPv3 between PIX and 2821?
Tassos Chatzithomaoglou
achatz at forthnet.gr
Sat Aug 30 04:59:52 EDT 2008
Justin,
Justin M. Streiner wrote on 30/08/2008 05:28:
> I have a client who has some legacy gear at a remote site that needs to
> talk to other gear back at their main office. Trick is, that the gear
> is legacy enough that it has no concept of a default gateway, so all of
> the legacy pieces need to be or functionally appear to be in the same
> subnet.
>
> The traffic between the sites needs to be encrypted, but since some of
> the IP space on both ends would appear to be on te same subnet, getting
> IPSEC to work would be problematic.
>
> If I had routers at both locations, I could probably do this with an
> L2TPv3 pseudowire, but there's a PIX involved, and I don't think it
> knows L2TPv3 well enough to be able to let me pass a pseudowire through...
>
L2TPv3 over IP uses ip protocol 115 (which can be changed with "ip protocol X" under the
pseudowire-class), so i don't think there should any problem with PIX recognizing it.
Am i missing anything?
--
Tassos
> MPLS would be nice too, but that's not an option in this design.
>
> Has anyone here tackled something like this before?
>
> jms
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list