07-19-2017 04:14 AM - edited 03-08-2019 11:22 AM
Hello Guys,
I would like to interconnect to site via fiber optic en mode peer to peer. It is possible to encrypt all traffic on this link? which king of router/firewall we should use? And how to do traffic encryption without VPN?
THANKS
Solved! Go to Solution.
07-19-2017 05:15 AM
Hi
You could create a GRE tunnel with IPSEC. Take in consideration you must configure the MTU and TCP mss, in order to avoid inconveniences.
Hope it is useful
:-)
07-19-2017 05:15 AM
Hi
You could create a GRE tunnel with IPSEC. Take in consideration you must configure the MTU and TCP mss, in order to avoid inconveniences.
Hope it is useful
:-)
07-19-2017 06:04 AM
Thank for your reply
I already think about that idea at first but I was not sure if it was the good designing in this case which is a peer to peer connection.
07-19-2017 07:37 AM
Hi
Yes, it can be considered as part a good design, the following link can be useful:
http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/P2P_GRE_IPSec/P2P_GRE/2_p2pGRE_Phase2.html
07-20-2017 05:15 PM
Thank eduardomoi
07-20-2017 05:31 PM
Hi,
It was a pleasure, have a great day.
:-)
07-20-2017 05:17 AM
In situations like these, I would go for MACsec where the switches do the link-encryption. This can achieve line-rate encryption where a firewall would need to be very good sized.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: