From: Spoerr, Mathias (Mathias.Spoerr@xxxxxxxxxxxxx)
Date: Fri Dec 07 2001 - 11:00:33 GMT-3
Hi Brian!
When you use GRE as Tunneling Protocol you can configure IPSec Transport
Mode -> no additional overhead.
IPSEC+HSRP:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121
limit/121e/121e9/ipsecha.htm
When you use fast switching with some IOS Versions, then IPSec will not
work. Use CEF or Process Switching instead.
Mathias
-----Ursprungliche Nachricht-----
Von: Brian Lodwick [mailto:xpranax@hotmail.com]
Gesendet: Donnerstag, 06. Dezember 2001 21:13
An: ccielab@groupstudy.com
Betreff: VPN questions
I would like to find out how people are configuring their VPN's so that they
can come up with complex situations.
Is there a way to configure static routes to go down a certain tunnel?
Since Cisco has implemented IKE keepalives into the newest code, does anyone
know if you can configure HSRP to track the IPSec tunnel?
Can use policy routing pointing to tunnel interfaces?
Has anyone succesfully implemented a design running a routing protocol over
the tunnels on a large scale fully meshed VPN?
Has anyone done any testing to determine the impact using different
transform sets has on throuput?
Have you run into any bugs?
Anything else interesting?
>>>Brian
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:39 GMT-3