Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
720
Views
0
Helpful
6
Replies

Traffic encryption

Go to solution
mdjan
Level 1
Level 1

‎07-19-2017 04:14 AM - edited ‎03-08-2019 11:22 AM

Hello Guys,

I would like to interconnect to site via fiber optic en mode peer to peer. It is possible to encrypt all traffic on this link? which king of router/firewall we should use? And how to do traffic encryption without VPN?

THANKS

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio E. Moisa
VIP
VIP

‎07-19-2017 05:15 AM

Hi

You could create a GRE tunnel with IPSEC. Take in consideration you must configure the MTU and TCP mss, in order to avoid inconveniences. 

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Julio E. Moisa
VIP
VIP

‎07-19-2017 05:15 AM

Hi

You could create a GRE tunnel with IPSEC. Take in consideration you must configure the MTU and TCP mss, in order to avoid inconveniences. 

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
mdjan
Level 1
Level 1
In response to Julio E. Moisa

‎07-19-2017 06:04 AM

Thank for your reply

I already think about that idea at first but I was not sure if it was the good designing in this case which is a peer to peer connection.

0 Helpful

Go to solution
Julio E. Moisa
VIP
VIP
In response to mdjan

‎07-19-2017 07:37 AM

Hi

Yes, it can be considered as part a good design, the following link can be useful:

http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/P2P_GRE_IPSec/P2P_GRE/2_p2pGRE_Phase2.html




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
mdjan
Level 1
Level 1
In response to Julio E. Moisa

‎07-20-2017 05:15 PM

Thank eduardomoi  

0 Helpful

Go to solution
Julio E. Moisa
VIP
VIP
In response to mdjan

‎07-20-2017 05:31 PM

Hi,

It was a pleasure, have a great day.

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

Go to solution
Karsten Iwen
VIP
VIP

‎07-20-2017 05:17 AM

In situations like these, I would go for MACsec where the switches do the link-encryption. This can achieve line-rate encryption where a firewall would need to be very good sized.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card