IP sec

From: SALMON, MARK (SBMS) (MARK.SALMON@xxxxxxxxxxxx)
Date: Wed Aug 01 2001 - 12:11:03 GMT-3

• Next message: Thounda Craig Jr.: "Re: OT:Online Rack Access"
• Previous message: Chris Allen: "OT:Online Rack Access"
• Next in thread: Matt Wagner: "Re: IP sec"
• Maybe reply: Matt Wagner: "Re: IP sec"
• Maybe reply: SALMON, MARK (SBMS): "RE: IP sec"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I need some direction concerning IPsec. In my reading of the documentation,
it mentioned that we should not use IPsec for multicast traffic.. Since
most routing protocols use multicast r broadcast by default then how does
one ensure that the IP nets one is using for one's traffic is reachable by
each IP sec peer. For example:

10.10.1.1 --------Internet--- 10.20.1.1

My questions are:

1) Should one use NAT here so the addresses are reachable?

or should one set up a GRE tunnel with some of of dynamic routing protocol
so the subnets are reachable or static routes.

I sense is the GRE tunnel is simpler to do. Any thoughts?

Mark Salmon
Sr. WAN Engineer Great Lakes Region
Cingular Wireless
2000 Ameritech Center Drive 3F07B
Hoffman Estates IL 60195
Voice: (847)765-3999
Pager: (847)992-0458
Email: mark.salmon@cingular.com
**Please read:http://www.groupstudy.com/list/posting.html

• Next message: Thounda Craig Jr.: "Re: OT:Online Rack Access"
• Previous message: Chris Allen: "OT:Online Rack Access"
• Next in thread: Matt Wagner: "Re: IP sec"
• Maybe reply: Matt Wagner: "Re: IP sec"
• Maybe reply: SALMON, MARK (SBMS): "RE: IP sec"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:43 GMT-3