cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
721
Views
5
Helpful
1
Replies

Secure Layer-2 extension over Internet

Claudio Battan
Level 1
Level 1

I try to repost here one of my posts that found little response ...

 

I need to extend some VLANs between two location (the Enterprise DataCenter and a remote DR DataCenter).
The obvious solution is using OTV between two CSR1000v's.
The connection I have to use is the Internet, so the join-interfaces will be directly on the public network.
Question: is OTV traffic somehow "protected"?
Can I implement two IPSEC tunnels between the two CSRs and then pass the OTV traffic through this tunnel?
Is there any configuration example?
Thank you
Claudio

1 Reply 1

Hello,

 

as far as I recall. the CSR100v runs on the same code as the AS1000, so yes, you can add IPSec encryption to the OTV. Below is an example:

 

https://www.cisco.com/c/en/us/support/docs/routers/asr-1006-router/212826-configure-asr1000-encryption-over-otv-un.html

Review Cisco Networking for a $25 gift card