About jamesduv9

jamesduv9 · 04-12-2023

Greetings,I'm looking for a sanity check, and possibly a smarter way to solve a problem I'm having. My goal is to have one VPN use only GRE encapsulation, and the second VPN use only IPSEC. These different VPNs have different security constraints and...

jamesduv9 · 04-13-2023

Thanks Kanan,That's the same conclusion I came up with. I guess I was expecting there was some way to wildcard some of the values in the TLOC or TLOC list inside of the policy.The solution scales well at the spoke policy, since I will almost always j...

jamesduv9 · 04-19-2022

Thanks for the diagram. You should also be able to set the MTU size on the encryptor itself. I would refer to the vendors documentation on how much overhead is required, and subtract that from your LTE router's tunnel MTU. I believe a popular INE ven...

jamesduv9 · 04-19-2022

Can you provide a rough diagram or running configuration of the devices? I don't think we have enough information here to give any good advice. I'm assuming your topology looks like - VPN SPOKE > INLINE ENCRYPTOR > INLINE ENCRYPTOR > VPN HUB

jamesduv9 · 04-18-2022

I was able to get a similar setup working in a lab. Since both your peers in the Hawaii and Boston VRF are in AS123, you need to allow the local AS in on Boston/Hawaii, or override the AS at the Verizon PoP. On the Verizon PoP:router bgp 65300 addr...

jamesduv9 · 04-17-2022

Posting the output of show run | sec dhcp would be helpful. Is it possible that the 172.x.x.x subnet and the DHCP pool are associated with a VRF?

Member Since	‎04-16-2022 11:56 AM
Date Last Visited	‎06-11-2024 01:03 AM
Posts	7

User Statistics

User Activity

Custom VPN Topology - VPN Specific Encapsulations

Re: Custom VPN Topology - VPN Specific Encapsulations

Re: MTU Size issue?

Re: MTU Size issue?

Re: Route leak between VRF issue

Re: DHCP Conflict on switch core