Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
329
Views
0
Helpful
0
Replies
Highlighted
Spaniard141
Beginner
Beginner
‎12-19-2016 11:18 AM
‎12-19-2016 11:18 AM

Encryption over VPLS with Catalyst 3850

I am trying to determine what would be the best way to encrypt our traffic on a private VPLS link between sites. We have 3 sites connected via VPLS by our ISP. All three sites have a Catalyst 3850 switch and currently have EIGRP configured. Site 1 will be the hub for this scenario so that all traffic leaving a remote site will go through site one to get anywhere it needs to get to. Sites 2 and 3 are spokes.

Initially the idea was to encrypt the traffic using MacSec but since these are switches and not routers, adding a third site raises some questions as subinterfaces are not available on the switches. 

Site 1 --------------ISP VPLS  -----------------------Site 2

                                   |

                                   |

                                   |

                               Site 3

Sites 2 and 3 have 250 Mbps connectivity each and Site 1 has 500 Mbps so we would have to rate limit.

Can MacSec work for this solution? Would a different approach be recommended? 

Thanks

Labels:
0 Helpful
0 REPLIES 0
Latest Contents
Cisco SD-WAN Cloud OnRamp Trial
Created by tahuja on 10-27-2020 04:27 PM
0
0
0
0
Cisco SD-WAN Cloud OnRamp allows you to simplify and secure connectivity to cloud applications and public clouds. Interested in testing out the latest Cisco Cloud OnRamp solutions?   Sign up to try out various use cases with the Cisco SD-WAN Cloud ... view more
Try out the Cisco SD-WAN Cloud OnRamp
Created by HimanshuV on 10-27-2020 12:52 PM
0
0
0
0
 Please use the new link http://cs.co/CoR-Trial for Demo  and updated guides.     Cisco SD-WAN Cloud OnRamp allows you to simplify and secure connectivity to cloud applications and public clouds. Interested in testing out the latest ... view more
Catalyst 8500 Series - Deep Dive- Community Live Event
Created by Cisco Moderador on 10-26-2020 12:06 PM
0
0
0
0
“Catalyst 8500 Series - Deep Dive” This event will have place on Tuesday 17th, November 2020 at 10hrs PDT  The Catalyst 8500 Series Edge Platforms are built with the highly programmable, third-generation Cisco Quantum Flow Processor and designed for ... view more
Catalyst 8000 Edge Platforms Family Overview- Community Live...
Created by Cisco Moderador on 10-26-2020 11:30 AM
0
5
0
5
“Catalyst 8000 Edge Platforms Family Overview” This event will have place on Wednesday 4th, November 2020 at 10hrs PDT  Designed for an intent-based networks, the Cisco Catalyst 8000 Edge Platforms family offers best-in-class networking and security ... view more
Redistributing OSPF to BGP
Created by velo84 on 10-26-2020 10:31 AM
3
0
3
0
I'm currently redistributing OSPF to BGP and setting a local pref on the routes. Currently this works fine and having no issues.  ip prefix-list ospf-routes seq 10 permit 172.16.100.0/24 route-map ospf-bgp permit 10 match ip address prefix-list ... view more
Content for Community-Ad