Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
466
Views
1
Helpful
2
Replies

Cisco FPR 3k with FTD / routing over multiple Umbrella IPSEC VPN

Go to solution
dardou1814
Level 1
Level 1

‎05-16-2023 12:22 AM

Hey folks,

Very simple diagram

Cisco Umbrella / internet

                    ||

                    ||

FRP3k x2 (Active-Active)

                   ||

                   ||

450 routeurs (MPLS network) 10.0.0.0/8

Since Cisco Umbrella limits IPsec VPNs to 250Mps per tunnel, we need to run more than 20 IPsec VPNs to Umbrella to meet our needs. What would be your suggestions to load balance about 60k devices over these VPNs?

I was thinking of implementing ECMP load balancing from FPR3K. Do you guys have any others ideas which would be more "effective" from your perspective?

BR

Dardan.

 

1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎05-16-2023 02:31 AM

if you decided to use ECMP, then you need VTI not policy based VPN.
the traffic will load and encrypt under same interface VTI.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
MHM Cisco World
VIP
VIP

‎05-16-2023 02:31 AM

if you decided to use ECMP, then you need VTI not policy based VPN.
the traffic will load and encrypt under same interface VTI.

0 Helpful

Go to solution
dardou1814
Level 1
Level 1
In response to MHM Cisco World

‎05-31-2023 12:14 AM

Thanks for the answer.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card