[c-nsp] Cat6500 IPSec/FWSM - IP Migration
Steve Wright
lists at visp.me.uk
Fri Jan 11 07:05:09 EST 2008
Hi all,
I'm looking for some guidance as to an issue I seem to be hitting which has
be a little stumped.
I have a Cat6500 with IPSec SPA and am currently having to migrate to some
new IP address (the joys!) however need to be able to do this in a somewhat
controlled manner
I have the external int's tied to vlan 8 which is where the current VPN's
terminate on a HSRP address of 192.168.1.1 for example. This is cross
connected to vlan 10
Now, the way I am approaching this is to create a new vlan however, I'm not
sure if this is the best method?
I can bring up tunnels to the new VLAN, however traffic flow seems to be
slightly more awkward the more I think about this.. as a visual
representation I think the flow should be like this in the existing form:
Internet
|
Int G1/1 (vlan 8)
|
VLAN 8
|
IPSec Module
|
VLAN 10
|
Then off to the FWSM for other processing.
Any advice would be much appreciated!
Thanks,
More information about the cisco-nsp
mailing list