cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
732
Views
0
Helpful
5
Replies
Beginner

Tunneling between Switches

I am looking to create a secure tunnel between a 3560G and a 3750G. Any thoughts?

Everyone's tags (3)
5 REPLIES 5
Highlighted

Re: Tunneling between Switches

Hi,

   What do you mean secure tunnel?  Please explain a bit more about your question.

HTH,

Toshi

Highlighted
Beginner

Re: Tunneling between Switches

The data will be going through an encrytping device on both ends. Basically, Distant end (users > 3750G > Encrypting device > 3570G ) > Near end (3560G > Encrypting device > 3560G > router).

Highlighted
Cisco Employee

Re: Tunneling between Switches

Well in this case, your encryption device connected to 3750G will do the encryption/decryption (depending upon the traffic flow/directtion)  and these encrypted pakcets will be just the plan data IP traffic which will be switches by the 3750G's. The other end encrypted connected to 3560

G will do the decrypt/encrypt of the encrypted IP traffic. This will be encrypted IP packets that these switches should be able to forward. Since these switches have nothing to do in terms of encryption and decryption you should be able to run this scenario fine.

Let me know if my understanding is not correct in terms of data flow.

HTH,

-amit singh

Highlighted
Beginner

Re: Tunneling between Switches

Yes, I think you got the jist of what I was trying to say. Just incase though, I will have 2 secure/encrypted networks that need to be tunneled between an unsecured network. I read somewhere that creating a point-to-point tunnel between 2 switches using loopback IPs will work.

Highlighted
Cisco Employee

Re: Tunneling between Switches

As Toshi mentioned, Please explain a bit more on the requirement. The 3560G/3750G switches do not support any type of tunneling except dot1q tunneling which is basically used for VLAN translation/mapping.On the newer 3750-x/3560-x  switches, we have a feature of MACSEC which basically supports 128bit port-port line-rate encryption. The hardware is capable of this feature  and we are due to realese the software to enable this same.

HTH,

-amit singh

CreatePlease to create content
Content for Community-Ad