08-20-2006 10:30 PM - edited 02-21-2020 01:07 AM
Hi,
Can anyone tell me the best solution for IPSEC encryption over Point-to-point Ethernet link b/w two Cat6500 with VPN SPA? At first I though we could use VTI, but learned the hard way that VTI is not supported on Cat6500/Cisco7600 (if only we read the VTI SRND, it would've saved a bit of headache! :( ).
Thanks muchly for any pointers...
Cheers
08-25-2006 09:23 AM
Payload Compression Protocol. This is a compression protocol supplied with the Cisco IOS software code on which the FWSM IPSec implementation is based. The FWSM does not support the PCP protocol.
09-08-2006 07:54 PM
Michael,
Yes, you are correct. VTI is not supported in IPSEC VPN SPA on 6500. But, is supported on the 7600 with 12.2(33)SRA release. Please refer the below URL for details.
In your case, if you want dynamic unicast or multicast routing protocols over the tunnel, then GRE Over IPSEC is the way. Configuration Guide in the below URL:
I hope it helps.
Regards,
Arul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide