cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1320
Views
15
Helpful
6
Replies

Cat8300 - No controllers - Autonomous mode

Steytler
Level 1
Level 1

I'm trying to help my customer who purchased Cat8300 prior to my engagement, with the expectation they could do payload encryption with VIT.

 

I know these are SD-WAN boxes but here's my question:  If the customer purchased the enterprise SD-WAN license but keeps the devices in Autonomous mode, can we configure them with a VTI to do payload encryption?

 

thanks,

Steytler

1 Accepted Solution

Accepted Solutions

Of course.

 

Autonomous mode does this. You don't need DNA or SDWAN to run IPSec or any other traditional routing/ tunnelling/ crypto on C8K routers.

 

HTH,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

View solution in original post

6 Replies 6

Hi

    Considering this router can work as autonomous (all of them actually can) and assuming VTI can be configured in autonomous router (you can see here ) then the conclusion is yes, with appropriate licensing this router can stablish VTI ipsec with another router.

 

 

thanks,  I'm familiar with VTI's.  I'm just trying to get this customer a solution without having to order new equipment.  the 8300's have been on order for a year.

Hi,

 

Cisco C8300 has 2 types of licenses: network stack (essential/ advantage) and DNA subscription (essential/ advantage/ premier -- btw premier may be removed recently). In any case, you have at least network stack essential w/ some DNA subscription.

See "Cisco DNA for Routing perpetual features" > VPN Support in below link:

 

https://www.cisco.com/c/m/en_us/products/software/sd-wan-routing-matrix.html

 

If you configure router as traditional w/ IPSEC, bandwidth tier must be at least required IPSec throughput.

 

https://www.cisco.com/c/en/us/products/collateral/software/one-wan-subscription/nb-06-dna-sw-rout-sub-faq-ctp-en.html

 

HTH,

 

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

The question needs to be simply stated:

 

Does the 8300 have the ability to do payload encryption WITHOUT some type of software defined architecture - SD-WAN, DNA or otherwise.  

 

I want to use the 8300 the same way I would use an ISR - like a router that can do IPSec encryption with the correct flavor of OS.

 

Thanks!

Of course.

 

Autonomous mode does this. You don't need DNA or SDWAN to run IPSec or any other traditional routing/ tunnelling/ crypto on C8K routers.

 

HTH,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Steytler
Level 1
Level 1

Thank you - that's the answer/direction I was looking for.

Review Cisco Networking for a $25 gift card