I have seen that you are unable to apply a Crypto-Map to a Tunnel interface or Port-Channel, so I am looking for alternative solutions. I have a single router terminating IKEv2 tunnels with 1 Public / 1 Private Interface. I am looking to find a redundant solution where I can use 2 Public / 2 Private. We are running an ACI environment and when I preform switch upgrades I am rebooting odd/even switches. When I reboot the switch with the single Public interface I loose my site-to-site VPNs. I am hoping to find a solution were the VPN traffic remains connected but uses the second link.
I have many tunnels from different Vendors terminating to this cisco router and I am not able to have a secondary IP address as a failover IP.
Here we will go over the configuration needed for MACsec Switch to Switch using a Pre-Shared Key. Topics that will be covered include, command usage, key derivation and key server election. Please see the MACsec History and Terminology for ...
With increased deployments of high-performance connectivity solutions there is need to maximize security, network speed, bandwidth and efficiency. Fiber to the office/desk etc. (FTTx) is not a new concept, however it is viewed as a key pillar in driving t...
What is PON ?
A Passive Optical Network (PON) is a point-to-multipoint architecture which use a single strand of single mode fiber to deliver voice, video, data to several users (or devices). PON network uses passive splitters in the optical distribution ...
This will be the first in a series of documents I write on MACsec. Some of the other topics I’ll be writing are:
As the configuration will become increasingly complex, I suggest you read them in order.
Configuring MACsec Switch to Switch with Pre-...