Good question, but I don't know that you could encrypt only ICMP traffic. Think about it- you use IP ACL's, and ICMP is included automatically.
Now, you could use GRE over IPEC with a little sprinkle of PBR to encrypt only the ICMP, I mean, if you wanted to get crazy.
Regards,
Jay McMickle- CCIE #35355 (R&S)
Sent from iJay
On Jul 7, 2012, at 8:18 AM, "amin" <amin_at_axizo.com> wrote:
> Hi experts,
>
> Site2site VPN between two ASAs, let us assume I want to encrypt the ICMP,
> and leave the two LANs traffic between the two site unencrypted.
>
> LAN 1 172.16.1.1/24, LAN 2 172.16.2.0/24 == ICMP encrypted
>
> LAN 1 172.16.1.1/24, LAN 2 172.16.2.0/24 == Other traffic unencrypted
>
>
>
> Regards,
>
> Amin
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Jul 10 2012 - 21:18:33 ART
This archive was generated by hypermail 2.2.0 : Wed Aug 01 2012 - 15:55:23 ART