Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1395
Views
1
Helpful
1
Replies

TrustSec Design Question

Go to solution
jideji
Cisco Employee
Cisco Employee

‎02-10-2017 08:52 PM - edited ‎03-11-2019 12:27 AM

L3IF trustSec Interface-to-SGT Mapping, is it possible to receive multiple  SGT  on the ports that is  facing the WAN ?

Sample  topology

      Site-A                                             WAN-Cloud                              Site-B

3750x ---------- ASR-1 ---------------------MPLSoGRE---------------ASR2--------------------3750x

On the above topology. In Site-A,  we have five SGT 10,20,30,40 and 50  that we like to propagate across the  MPLS WAN  to Site-B. My question is; what is the best way to get these SGT from Site-A to Site-B  over the MPLS WAN link. Please any pointers will be greatly appreciated. Please also see attached topology.

Labels:
Preview file
59 KB
1 Accepted Solution

Accepted Solutions

Go to solution
darrimil@cisco.com
Cisco Employee
Cisco Employee

‎02-21-2017 09:09 AM

There is no way to carry the SGT with MPLS over GRE at the moment.  the easiest way to accomodate this would to use SXP to communicate IP/SGT between the ASRs.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
darrimil@cisco.com
Cisco Employee
Cisco Employee

‎02-21-2017 09:09 AM

There is no way to carry the SGT with MPLS over GRE at the moment.  the easiest way to accomodate this would to use SXP to communicate IP/SGT between the ASRs.

0 Helpful
Customers Also Viewed These Support Documents