cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
329
Views
0
Helpful
0
Replies
Highlighted
Beginner

Encryption over VPLS with Catalyst 3850

I am trying to determine what would be the best way to encrypt our traffic on a private VPLS link between sites. We have 3 sites connected via VPLS by our ISP. All three sites have a Catalyst 3850 switch and currently have EIGRP configured. Site 1 will be the hub for this scenario so that all traffic leaving a remote site will go through site one to get anywhere it needs to get to. Sites 2 and 3 are spokes.

Initially the idea was to encrypt the traffic using MacSec but since these are switches and not routers, adding a third site raises some questions as subinterfaces are not available on the switches. 

Site 1 --------------ISP VPLS  -----------------------Site 2

                                   |

                                   |

                                   |

                               Site 3

Sites 2 and 3 have 250 Mbps connectivity each and Site 1 has 500 Mbps so we would have to rate limit.

Can MacSec work for this solution? Would a different approach be recommended? 

Thanks

0 REPLIES 0
Content for Community-Ad