This document describes the process of implementing dynamic routing over a VPN tunnel.
WHat is Dynamic Routing?
Dynamic routing can be defined as a process which renders optimal data routing. Dynamic routing empowers routers to select the paths according to real-time layout changes in logical network.Routing protocol running on the router takes care of the creation, maintenance and updating of the dynamic routing table where as in static routing, all jobs are required to be performed by user manually.
Most commonly used dynamic routing protocol are:
Routing Information Protocol (RIP)
Open Shortest Path First (OSPF)
Dynamic routing can be explained as mentioned below:
Router delivers and receives routing messages at router interfaces.
Routing information is shared with other routers, which are using the same routing protocol.
Routers keep swaping the routing messages in order to discover information about other remote networks.
Whenever change in topology takes place a triger is sent to the router and topology change is advertised to other routers.
IPSec supports the encryption of unicast IP traffic only. Therefore, routing protocols like Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest Path First (OSPF) and non-IP traffic like Internetwork Packet Exchange (IPX) and AppleTalk are unable to be encrypted using IPSec.
For a workaround, encapsulate such traffic in Generic Routing Encapsulation (GRE) before encryption, using a GRE over an IPSec configuration.
With GRE over IPSec, traffic will be encapsulated first and then encrypted.
For configuration examples, refer to these documents:
I have recently replaced my ASA-5506X with a Firepower 1010. I had Microsoft PPTP pass through set up on the ASA, but cannot get it running on the Firepower. I have tried to configure the VPN Client in FDM, but it says I cannot specify an inter...
we have project for both StealthWatch and ISE. Plan is to configure ISE 2.4 patch 9 to pull events through WMI from Windows Server 2016 to ISE and share it with Stealthwatch. We have problems with ISE collecting events from AD. We used Dom...
Hello,I am running two ISE 2.4 nodes in Prim Admin and Sec Admin and PSN enabled on both.I have installed patch 6, and 9 on Prim Admin and only Patch 9 on Sec Admin. As my Sec Admin was build Months later than Prim Admin so I did not install patch 6...
Hello,I have 2 ISE nodes Version 2.4, Running in Primary Admin and secondary Admin and PSN on both setup.I am running Radius, TACACS+ and Guest services.My Radius and Tacacs are working fine.2 Issues I am facing in my guest setup1.In Guest access self reg...
Hello,I am running ISE 2.4, on prim Admin I have installed patch 6, 9 but on sec Admin installed only Patch 9. because my secondary Admin was build months later so I did not install patch 6 on the same.Is there any problem??