How to trunk over WAN

Tibor Marchyn · ‎07-30-2012

Hi everyone,

I have one for me hard question.

Our company will move to new offices soon, but It is not possible to move all servers at one time because movement at one time is for 4+ days and all servers are divided to vlans, but some hw servers are combined with virtual machines wich are in same vlan.

I need to ensure somehow that I will transfer trunk from L3 switch in current offices to another L3 switch in new offices over WAN though some secured VPN.

I should be able to connect servers in new offices to VLAN 100 (192.168.100.XXX) (for example) which also exists in old offices and users should be able to reach this server without any changes in infrastructure.

I have only 2 common internet 100Mbps connections in both offices, available Cisco 3825 and Cisco 2811 routers.

I also need to ensure that all internet direction traffic will go though this tunnel to Cisco ASA and to Internet over connection in new offices.

Is it possible?

Thanks

Giuseppe Larosa · ‎07-30-2012

Hello Tibot,

with appropriate feature set on the two ISR routers you can use vlan based L2TPv3 for the L2 point to point transport service.

For security reasons you will need to use an IPSec to encrypt the L2TPv3 traffic.

The performance will be limited by the ISR routers to tens of Mbps.

see

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t2/feature/guide/gtl2tpv3.html

You can use feature navigator to check if the current IOS image in your routers support L2TPv3.

You will need also security features for the IPSec part.

http://www.cisco.cm/go/fn

Hope to help

Giuseppe