Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
870
Views
0
Helpful
2
Replies

GETVPN - Two Groups in the same GM

MachadoGB
Level 1
Level 1

‎08-24-2011 01:47 PM - edited ‎03-04-2019 01:23 PM

Hello,

I have a question about configuring two GETVPN groups in the same Group Member device.

Scenario: CE router running BGP connected to PE router on MPLS provider. CE router is running GETVPN on group 123. User asking to create a separate VPN environment to encrypt traffic originated from one /32 (loopback) interface on each CE router to a router in the Data Center running GETVPN on group 123.

Idea: I am thiking on creating a second group on each CE (GM) with number 345 using the same ISAKMP SA.

Questions:

Do I Need to change the IPSec Keys (KEK / TEK) for that?

Is it possible? Is there a document or configuration sample that I can use?

Thanks.

Labels:
0 Helpful
2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

‎08-25-2011 06:47 AM

I've attached the design guide for GETVPN. It covers what you are looking to do.

Hope it helps.

Preview file
2156 KB
0 Helpful

MachadoGB
Level 1
Level 1
In response to Collin Clark

‎09-02-2011 08:45 AM

Hi Collin,

I do have that document but it is really missing information when it comes to multiple groups. I guess Cisco has to review that.

I was able to configure and test the multiple group. It works fine.

So I appreciate your help.

Thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card