Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3327
Views
0
Helpful
1
Replies

IWAN licensing requriement.

network_geek1979
Level 1
Level 1

‎01-10-2016 11:44 PM - edited ‎03-05-2019 03:05 AM

Folks,

What are the licenses that are needed on Cisco router to support IWAN? This is for the Cisco 3900 and the Cisco 4xxx ISR's.

Is it compulsory to have the Cisco Prime installed to get the IWAN working?

Can we get some document which mention about what are the requirements for IWAN setups?

Thanks,

N

Labels:
0 Helpful
1 Reply 1

Philip D'Ath
VIP Alumni
VIP Alumni

‎01-11-2016 12:47 AM

You don't need Cisco Prime to iWAN.

iWAN is actually a collection of technologies.

For the crypto you will need a SEC or HSEC licence (HSEC removes the US export crypto performance limit, and greatly increases number of tunnels you can support).  I personally prefer to use IKEv2 these days.

Next, lets assume you are doing site to site VPNs with a hub and many spokes.  You'll be using an DMVPN style system.  You then need to decide on the routing protocol you will need.  If you want to use BGP or EIGRP you are going to need the old "Data" licence (now called an AppX licence).

If you are only doing user to site vpns you probably only need SEC and HSEC.

Back to the hub with many spokes configuration.  I personally like using the hub as an IOS CA server and issuing certificates to all the spokes.  I personally like using EIGRP, but Cisco do have a guide using BGP. 

Here is one Cisco Validated Design:

http://www.cisco.com/c/en/us/solutions/enterprise/design-zone-branch-wan/index.html

Here is another good guide using BGP peer groups:

http://docwiki.cisco.com/wiki/PfR3:Solutions:IWAN

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card