I have fully functioning Layer 2 MPLS running over my network on Cisco ASR 920 routers. One of the links between 2 routers is provided via a 3rd party service provider, though, which requires us to use encryption on this link to protect our data.
I configured a simple site-to-site VPN between these 2 routers by configuring a crypto-map on the interface between them with the crypto ACL matching interesting traffic between the loopbacks (the loopbacks which are used to create the Pseudowires).
The Crypto SA and IPSEC are up, OSPF is up, LDP is up, looks like everything is working, but if I do a "show crypto IPsec sa", the number of matches for encrypted/decrypted packets is too low, considering the Layer 2 traffic I am pushing through this link.
It looks like only LDP packets are being encrypted, not the actual encapsulated MPLS packets.
Am I doing something wrong, is this even supposed to work?
Listen: https://smarturl.it/CCRS9E19Follow us: twitter.com/ciscochampionsNetworks can be complex and often unpredictable. Traffic from over-the-top applications, automated systems, malicious attacks, or variations from simple operational errors...
Listen: https://smarturl.it/CCRS9E15 Follow us: https://twitter.com/CiscoChampion
Standing up and operating a mobile 5G network can be a challenging task, but Private 5G doesn’t need to be. Now, there is a simple solution for enterprises that...
Factory Reset - Erasing and Wiping out user data from disk memory on IOS-XR routers
Typically, user data on a router or a switch could be the router configurations [ip addresses and login credentials], process core, debug logs, show tech-support, images, ...
Listen: https://smarturl.it/CCRS9E7Follow us: twitter.com/ciscochampion
Routed optical networking, part of the Converged SDN Transport Architecture, is a new network paradigm that delivers improved operational efficiencies and simplicity. The soluti...
The IT Blog Awards, hosted by Cisco, aims to recognize all of the amazing technology content creators who contribute to our community all year long. Now it's up to you to weigh in. Be sure to vote for your favorites before Friday, February...