03-15-2011 06:45 AM - edited 03-06-2019 04:05 PM
Hi,
I see that the Nexus supports wirespeed aes encryption, however this is in the context of trustsec, which begins at the server/client.
Is it possible to encrypt just the trunk links, without changing the servers? We'd like to encrypt the interDC links.
Thanks everyone!
Solved! Go to Solution.
03-15-2011 07:58 AM
franciscomuniz wrote:
Hi,
I see that the Nexus supports wirespeed aes encryption, however this is in the context of trustsec, which begins at the server/client.
Is it possible to encrypt just the trunk links, without changing the servers? We'd like to encrypt the interDC links.
Thanks everyone!
You can use CTS for point-to-point encryption for your DCI links. Following URL has a configuration example for this:
http://www.ciscopress.com/articles/article.asp?p=1395746&seqNum=7
Keep in mind that it is point-to-point encryption so either you extend Layer-2 between Data Centers or have them connected via dark fibers.
Atif
03-15-2011 07:58 AM
franciscomuniz wrote:
Hi,
I see that the Nexus supports wirespeed aes encryption, however this is in the context of trustsec, which begins at the server/client.
Is it possible to encrypt just the trunk links, without changing the servers? We'd like to encrypt the interDC links.
Thanks everyone!
You can use CTS for point-to-point encryption for your DCI links. Following URL has a configuration example for this:
http://www.ciscopress.com/articles/article.asp?p=1395746&seqNum=7
Keep in mind that it is point-to-point encryption so either you extend Layer-2 between Data Centers or have them connected via dark fibers.
Atif
03-15-2011 08:24 AM
Thanks! Just what I was looking for.
Do you know if it works on L3 (i.e. "no switchport") links?
Just curious, as I can do it like the example in any case.
03-15-2011 09:44 AM
franciscomuniz wrote:
Thanks! Just what I was looking for.
Do you know if it works on L3 (i.e. "no switchport") links?
Just curious, as I can do it like the example in any case.
I have not used it but I do not see a reason why it should not work with Layer-3 point-to-point links.
Atif
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: