Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
540
Views
0
Helpful
2
Replies

Capabilities for Site-to-Site IPSEC tunnel

Go to solution
nhorstman
Level 1
Level 1

‎11-12-2013 08:01 AM - edited ‎03-07-2019 04:34 PM

Greetings,

I have what is probably a very basic question regarding the capabilities of a Cisco router for creating a Site-to-Site IPSEC tunnel between two sites.  The system involved is a mainframe and one of its ethernet connections handles both server traffic and high-speed printing traffic.  There is a new requirement to split the print traffic off and encrypt it, but at the same time maintain the existing, single ethernet connection from the mainframe for both servers and printers.  My thought is a Cisco router could be configured to create an IPSEC tunnel for the print traffic and split it out from the server traffic.  In this way, instead of the mainframe being connected straight to switched network, as it is now, it would be plugged to an ethernet interface on the router.  Then an IPSEC tunnel could be created with the IOS that would send the print traffic through the network to a peer IPSEC router where the printers are located.  The server traffic would be passed to the switched network as is.  The router at the mainframe end would connect to the same, single inteface on switched network that it does now.

Is this a feasible setup?  If so, what router family could provide this funtionality?

Thanks and regards.

Nick

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎11-12-2013 08:10 AM

Hi,

of course you can decide which IP traffic to send through the VPN tunnel either with a crypto ACL or if using VTI based VPN by not sending non VPN traffic on the VTI interface.

All routers doing IPSec VPNs can achieve this.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎11-12-2013 08:10 AM

Hi,

of course you can decide which IP traffic to send through the VPN tunnel either with a crypto ACL or if using VTI based VPN by not sending non VPN traffic on the VTI interface.

All routers doing IPSec VPNs can achieve this.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

Go to solution
nhorstman
Level 1
Level 1
In response to cadet alain

‎11-13-2013 10:20 AM

Thanks very much Alain, this is exactly the information I needed.

Regards,

Nick

0 Helpful
Customers Also Viewed These Support Documents