Re: GET VPN on public internet

Thanks Tyson ,

so there is despondency on DMVPN in order to run GET on public cloud.

Any workarounds such as NAT so that i can run GET naively on public internet
without DMVPN.?

On Sat, Feb 5, 2011 at 9:38 PM, Tyson Scott <tscott_at_ipexpert.com> wrote:

> Use Get VPN over DMVPN. That is the solution you should use if you have
> private address space.
>
> Regards,
>
> Tyson Scott - CCIE #13513 R&S, Security, and SP
> Managing Partner / Sr. Instructor - IPexpert, Inc.
> Mailto: tscott_at_ipexpert.com
>
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> imran ali
> Sent: Saturday, February 05, 2011 12:51 PM
> To: Piotr Matusiak
> Cc: Cisco certification
> Subject: Re: GET VPN on public internet
>
> Thanks for reply Piotr Matusiak ,
>
> But i cant afford all public ip address for my pc's . I just want to use
> one
> public ip address and nat all private ip address and still use GET VPN
> rather than point to point IPSEC tunnels.
>
> the set up that i have
>
> R1---to ----R5 all connected to internet with different single public ip's
> depending on locations.Running traditional IPSEC among them. (5*4)/2=10
> tunnels.
>
>
> now i just want to migrate to GET . is it possible ?
>
> or do i need to integrate GET with DMVPN ?
>
> On Sat, Feb 5, 2011 at 8:23 PM, Piotr Matusiak <pitt2k_at_gmail.com> wrote:
>
> > You can. GET technology however is mainly positioned for WAN (private)
> > usage. Why is it not recommended to use over the Internet? This is
> because
> > GET preserves original IP address and it is hard to introduce any further
> > security like filtering. If one uses only Public IP addresses it is OK to
> > use GET over the Internet.
> >
> > HTH,
> > --
> > Piotr Matusiak
> > CCIE #19860 (R&S, Security), CCSI #33705
> > Technical Instructor
> > website: www.MicronicsTraining.com
> > blog: www.ccie1.com
> >
> > If you can't explain it simply, you don't understand it well enough -
> > Albert Einstein
> >
> >
> > 2011/2/5 imran ali <immrccie_at_gmail.com>
> >
> >> HI security experts ,
> >>
> >> why cant i use GET on internet . i can use nat to change the source ip
> >> address to make it routable over the internet. ?
> >>
> >> regards
> >> ignore my ignorance
> >>
> >>
> >> Blogs and organic groups at http://www.ccie.net
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Sat Feb 05 2011 - 21:55:47 ART