cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1910
Views
0
Helpful
7
Replies

3G over MPLS

happyatuni
Level 1
Level 1

Dear all,

I currently have a 150 nodes MPLS network. My management is anxious to join some sites with 3G routers as their centres move around a lot.

My current MPLS site as 4 x Ps with lots of PEs linking to the 150 x CEs. Is there a way to easily link up my 3G routers to my MPLS network? I have heard DMVPN or MPLS over mGRE may be a solution.  My 3G routers are mostly 19xx and 29xx routers.

Would be great if anyone can shed some light on this.

Cheers

7 Replies 7

paolo bevilacqua
Hall of Fame
Hall of Fame

You can use DMVPN, then redistribute routes between the two domains.

Any reputable network enginder should be albel to finalize and implement the design for you.

blau grana
Level 7
Level 7

Hello Hunt,

You can configure IPsec tunnel over 3G connection, and this IPsec tunnel will be terminated in VRF, so all 4 sites will have access to entire VPN.

Is this suitable solution for you?

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

Tagir Temirgaliyev
Spotlight
Spotlight

we have direct connection to mobile provider and so called 3G corporate access.

so 3G routers can connect to our corporate lan via vpdn group

Thanks all.

Any examples i can see so i can understand more on how to design these?

Wish all of you have a happy Easter!

Cheers,

Hunt

Hello Hunt and happy Easter to you too,

On 3G site you will configure basic GRE tunnel ->

interface tunnel 0

ip address xyz

tunnel source [WAN interface/IP]

tunnel destination [IP address of some main site where tunnels will be terminated]

Configureation of GRE tunnel on main site.

interface tunnel 0

ip address xyz

tunnel source [WAN interface/IP] -> this will be IP from global routing table, most likely IP of interface toward internet

tunnel destination [public IP of remote 3G site]

- this configuration can be used if remote 3G sites will have static public IP, for routing you can use some IGP, BGP or static routing, it depends on you.

- you can also use IPsec to protect traffic transported over GRE tunnels

With some changes, this scenario can be used if 3g sites have dynamic public addresses or are behind NAT.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

Hi blau,

Thanks so much for your example.  That actually is the bit that I'm interested in.

Since my work's 3G router gets a different Public IP every time, how can i still get this to work?

Cheers,

Hunt

Hello Hunt,

Here is explanation how to configure IPsec tunnel with one end having dynamic public IP.

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/936-cisco-router-vpn-dynamic-endpoint.html

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080093f86.shtml

To suit your scenario, you have to make your IPsec tunnels VRF aware, it is explained here:

https://supportforums.cisco.com/docs/DOC-13524

http://blog.ipexpert.com/2010/09/20/vrf-aware-ipsec-using-crypto-maps/

If you have any further questions or problems with configuration, please attach relevant parts of configuration or outputs.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
Review Cisco Networking for a $25 gift card