IPSEC over tagged VLAN?

boshardy1
Level 1

I work for a college where we have a building connected via fiber with multiple trunked VLANs. We have a department who needs to secure all their traffic so they installed two Cisco ASA devices. They want their traffic between the main site and this other location to be protected by a site to site VPN. Using the same fiber can I assign them a separate VLAN and attach to each firewall? I am not sure if you can do this or does the VLAN need to be untagged?

1 Reply

Richard Burts
Hall of Fame

Thomas

I cannot think of any reason why it would matter whether the VLAN were tagged or untagged. What the site to site VPN needs is IP connectivity. As long as the ASA on one side has appropriate IP connectivity to the other ASA, then the VPN should work.

You could assign them a separate VLAN and they might feel good if you did. But I do not believe that it is necessary or adds anything significant to protecting the traffic. The IPSec VPN provides protection for the traffic no matter what VLAN it is in.

HTH

Rick
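
The point made in the reply above, that the VPN only needs IP connectivity, shown at the frame level as an added example (not part of the original thread): an 802.1Q tag is 4 bytes in the Ethernet header, so the IP packet carrying ESP is byte-identical on a tagged and an untagged link. The MAC addresses, IP addresses, VLAN ID 120 and ESP bytes are constructed sample values.

```python
import struct

ETH_P_IP, ETH_P_8021Q, IPPROTO_ESP = 0x0800, 0x8100, 50

def build_ipv4_esp(src, dst, esp):
    """IPv4 header (checksum left at 0 for this constructed sample) + ESP bytes."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(esp), 0, 0, 64,
                      IPPROTO_ESP, 0, bytes(src), bytes(dst))
    return hdr + esp

def build_frame(ip_packet, vlan_id=None):
    """Ethernet II frame; with vlan_id set, insert the 4-byte 802.1Q tag."""
    frame = bytes.fromhex("020000000002") + bytes.fromhex("020000000001")
    if vlan_id is not None:
        frame += struct.pack("!HH", ETH_P_8021Q, vlan_id & 0x0FFF)
    return frame + struct.pack("!H", ETH_P_IP) + ip_packet

def parse_frame(frame):
    """Return (vlan_id or None, IP protocol number, raw IP packet)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan_id, offset = None, 14
    if ethertype == ETH_P_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan_id, offset = tci & 0x0FFF, 18
    if ethertype != ETH_P_IP:
        raise ValueError("not an IPv4 frame")
    ip_packet = frame[offset:]
    if len(ip_packet) < 20:
        raise ValueError("truncated IPv4 header")
    return vlan_id, ip_packet[9], ip_packet

def compare(vlan_id=120):
    """Same ESP packet sent untagged and tagged; return both parse results."""
    esp = struct.pack("!II", 0x1000, 1) + bytes(32)  # constructed SPI, seq, ciphertext
    pkt = build_ipv4_esp([192, 0, 2, 1], [198, 51, 100, 1], esp)
    return parse_frame(build_frame(pkt)), parse_frame(build_frame(pkt, vlan_id))

if __name__ == "__main__":
    untagged, tagged = compare()
    print("VLAN:", untagged[0], "vs", tagged[0])
    print("IP protocol:", untagged[1], "vs", tagged[1])
    print("IP packet identical:", untagged[2] == tagged[2])
```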