Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1321
Views
15
Helpful
6
Replies

Cat8300 - No controllers - Autonomous mode

Go to solution
Steytler
Level 1
Level 1

‎05-16-2022 06:39 AM

I'm trying to help my customer who purchased Cat8300 prior to my engagement, with the expectation they could do payload encryption with VIT.

 

I know these are SD-WAN boxes but here's my question:  If the customer purchased the enterprise SD-WAN license but keeps the devices in Autonomous mode, can we configure them with a VTI to do payload encryption?

 

thanks,

Steytler

1 Accepted Solution

Accepted Solutions

Go to solution
Kanan Huseynli
VIP
VIP

‎05-23-2022 01:20 PM

Of course.

 

Autonomous mode does this. You don't need DNA or SDWAN to run IPSec or any other traditional routing/ tunnelling/ crypto on C8K routers.

 

HTH,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

View solution in original post

6 Replies 6

Go to solution
Flavio Miranda
VIP
VIP

‎05-16-2022 07:01 AM

Hi

    Considering this router can work as autonomous (all of them actually can) and assuming VTI can be configured in autonomous router (you can see here ) then the conclusion is yes, with appropriate licensing this router can stablish VTI ipsec with another router.

 

 

Go to solution
Steytler
Level 1
Level 1
In response to Flavio Miranda

‎05-16-2022 08:16 AM

thanks,  I'm familiar with VTI's.  I'm just trying to get this customer a solution without having to order new equipment.  the 8300's have been on order for a year.

0 Helpful

Go to solution
Kanan Huseynli
VIP
VIP

‎05-22-2022 04:29 PM

Hi,

 

Cisco C8300 has 2 types of licenses: network stack (essential/ advantage) and DNA subscription (essential/ advantage/ premier -- btw premier may be removed recently). In any case, you have at least network stack essential w/ some DNA subscription.

See "Cisco DNA for Routing perpetual features" > VPN Support in below link:

 

https://www.cisco.com/c/m/en_us/products/software/sd-wan-routing-matrix.html

 

If you configure router as traditional w/ IPSEC, bandwidth tier must be at least required IPSec throughput.

 

https://www.cisco.com/c/en/us/products/collateral/software/one-wan-subscription/nb-06-dna-sw-rout-sub-faq-ctp-en.html

 

HTH,

 

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful

Go to solution
Steytler
Level 1
Level 1
In response to Kanan Huseynli

‎05-23-2022 06:34 AM

The question needs to be simply stated:

 

Does the 8300 have the ability to do payload encryption WITHOUT some type of software defined architecture - SD-WAN, DNA or otherwise.  

 

I want to use the 8300 the same way I would use an ISR - like a router that can do IPSec encryption with the correct flavor of OS.

 

Thanks!

0 Helpful

Go to solution
Kanan Huseynli
VIP
VIP

‎05-23-2022 01:20 PM

Of course.

 

Autonomous mode does this. You don't need DNA or SDWAN to run IPSec or any other traditional routing/ tunnelling/ crypto on C8K routers.

 

HTH,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Go to solution
Steytler
Level 1
Level 1

‎05-23-2022 02:21 PM

Thank you - that's the answer/direction I was looking for.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card