RE: GRE Tunneling & Bridging

From: Simcha Blatter (SBlatter@xxxxxxxxx)
Date: Fri Jul 28 2000 - 16:53:12 GMT-3

• Next message: Wojtek Iwanczyk: "RE: GRE Tunneling & Bridging"
• Previous message: mark salmon: "Re: DLSW+ Question"
• Maybe in reply to: Simcha Blatter: "GRE Tunneling & Bridging"
• Next in thread: Wojtek Iwanczyk: "RE: GRE Tunneling & Bridging"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
FYI - Cisco's VPN 5000 series of VPN Access Concentrators will support
site-to-site Bridged VPN Tunnels.

http://www.cisco.com/warp/public/cc/pd/hb/vp5000/prodlit/vpn5k_ds.htm

Thanks,
Simcha

-----Original Message-----
From: Simcha Blatter
Sent: Friday, July 28, 2000 2:58 PM
To: 'Sam Munzani'; Simcha Blatter
Cc: 'Sreeram P Bandakavi'; ccielab@groupstudy.com
Subject: RE: GRE Tunneling & Bridging

I believe that IP+Firewall / IPSEC is expecting different subnets at each
end of the IPSEC tunnel.

Thanks,
Simcha

-----Original Message-----
From: Sam Munzani [mailto:sam@chinet.com]
Sent: Friday, July 28, 2000 3:03 PM
To: Simcha Blatter
Cc: 'Sreeram P Bandakavi'; ccielab@groupstudy.com
Subject: RE: GRE Tunneling & Bridging

Other option is use IP+Firewall feature set on your router and do IPSEC
site to site VPN. I think that will be more reliable than other ways at
some investment.

Sam

On Fri, 28 Jul 2000, Simcha Blatter wrote:

> NAT won't work because the destination address on each unix host is on the
> same subnet as the source address. The Router will never NAT or Route the
> packet.
>
> Simcha
>
>
> -----Original Message-----
> From: Sreeram P Bandakavi [mailto:sbandaka@cisco.com]
> Sent: Friday, July 28, 2000 2:06 PM
> To: ccielab@groupstudy.com
> Subject: RE: GRE Tunneling & Bridging
>
>
>
> Look CCO for examples on NAt overlapping. Its probably the easier way of
> doing the same .
>
> Sreeram
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
> Simcha Blatter
> Sent: Friday, July 28, 2000 10:32 AM
> To: ccielab@groupstudy.com
> Cc: Leo Galletta; Stephen Drgon
> Subject: GRE Tunneling & Bridging
>
>
> Is it possible to connect 2 locations via the Internet and have both
> locations share the same subnet ?
>
> I know that this is theoretically possible by using a GRE Tunnel between
the
> 2 routers at each location AND by
> activating IRB on the routers.
> (Each router will have a minimum of 3 interfaces - subnet, dmz, & Tunnel;
> subnet & dmz interfaces
> will route IP - subnet & Tunnel will bridge IP).
>
> Can this work in the real world and has anybody done this before ?
>
> The reason the 2 locations need have the same subnet is that Unix Hosts at
> each location need to be configured
> in a cluster group on the same subnet for disaster recovery purposes.
>
>
> Thanks,
> Simcha
>
> Simcha Blatter, Systems Architect - CCDP, CCNP, MCSE, MCNE - CCIE in
> progress
> Dimension Data ISG
> simcha.blatter@didata.com
>

• Next message: Wojtek Iwanczyk: "RE: GRE Tunneling & Bridging"
• Previous message: mark salmon: "Re: DLSW+ Question"
• Maybe in reply to: Simcha Blatter: "GRE Tunneling & Bridging"
• Next in thread: Wojtek Iwanczyk: "RE: GRE Tunneling & Bridging"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:23:59 GMT-3