cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
541
Views
0
Helpful
3
Replies

can getvpn encrypt EIGRP exchanges?

net.comm.engr
Level 1
Level 1

Hello everyone,

 

We'er thinking of deploying a getvpn on a military network over a carrier vendor VPLS cloud. My concern is that can the route updates, hello packets, etc in EIGRP be encrypted so that the carrier can not see our network information? Thanks

3 Replies 3

Jeff Van Houten
Level 5
Level 5
Control plane traffic including routing protocols are denied in the acl for the encryption policy. In effect, get VPN assumes a functioning routed network outside the encryption domain. You of course have the option to protect eigrp with keys to authenticate routing updates between authorized peers.

But what if for some reason that someone in the service provider organization is malicious, he tries to sniff the traffic, all the network information in routing update packets can be seen, right? If we encrypt eigrp, neigborship will not be formed, correct?. Thanks

If you try to encrypt your routing protocol, you won't have a network to protect. If you want absolute secrecy, maybe get VPN isn't what you need. What about straight IPSec tunnels? Depending on the number of sites and whether or not you need a mesh configuration it could be workable.
Review Cisco Networking for a $25 gift card