
DHCP over IPsec VPN or Bridge over IPsec VPN

Hi,

I am trying to extend my (e.g. 192.168.1.0) network over an IPsec VPN tunnel.

The network will be used for our IP Phone system (AVAYA) and I am having major difficulty trying to setup this connection. 

This is a quick rundown of what I am trying to accomplish:

Site 1:

Cisco 2911 IOS 15.0 provides the IPsec VPN connection to Site 2: WAN IP address 10.0.0.1, tunnel IP 150.0.0.1

AVAYA IPoffice is a DHCP Server.  IP address 192.168.1.1

It needs to provide DHCP to the Site 2 over IPsec VPN

Performed protocol is RIPv2 (This can be changed) 

Site 2: 

Cisco 2911 IOS 15.0 provides the IPsec VPN connection to Site 1: WAN IP address 10.0.0.2, tunnel IP 150.0.0.2

AVAYA IP Phones 1608 set as DHCP Clients looking for 192.168.1.1 DHCP Server

Please provide any suggestions regarding this. 

Thanks 

 


Richard Burts
Hall of Fame

The phone/DHCP client at site 2 will send a DHCP request, which is a broadcast looking for the server at site 1. Unfortunately the IPsec tunnel is intended for IP unicast traffic. So the DHCP server at site 1 will not work with the DHCP client at site 2 over an IPsec tunnel. Perhaps you need to look at L2TPv3 as a way to extend the subnet between sites. You might find some details at this site:

https://en.wikipedia.org/wiki/Layer_2_Tunneling_Protocol

HTH

Rick


Hi Richard,

How would I configure L2TPv3 on the Router to make this case work?

Thanks 

Hi Richard,

I just found out that Cisco 2911 doesn't support L2TPv3. 

http://www.cisco.com/c/en/us/support/docs/ip/layer-two-tunnel-protocol-l2tp/116266-configure-l2-00.html

The only option I have is PPTP Site-to-Site VPN and with Bridge protocol using GRE tunnel over PPTP VPN. 

Do you have any idea how to configure this?

Please let me know soon.

Thanks 

L2TPv3 would be the best solution. It is unfortunate that the 2911 does not support it. In a lab I experimented with bridging over a GRE tunnel. I got the tunnel to come up and to pass some traffic. But that implementation is not officially supported, which means that, while it may work, if any problem comes up TAC will not be able to assist and Cisco would not be committed to supplying a solution to the problem. So I would be reluctant to try that for a production situation. I do not have experience setting up PPTP and do not have advice for that. Perhaps some other participant in the forum might address this.

Basically having the same subnet/network in two locations that are remote from each other is not a good design. Is there any possibility of getting a separate network for the Avaya phones at the remote site?

HTH

Rick
