Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
487
Views
0
Helpful
2
Replies

GETVPN & IPSec encryption

hmdavies
Level 1
Level 1

‎05-31-2016 06:42 AM - edited ‎02-21-2020 08:50 PM

We currently have ASR1002-X's configure with GETVPN applied to the WAN interface within the Global RIB, is it possible to apply IPsec tunnels to interfaces residing in a another VRF?

The IPsec encrypted interface would be a sub-interface on the same physical interface as GTEVPN i.e.

Interface Ten 0/1/0.100 using GETVPN

Interface Ten 0/1/0.200 using IPsec

Labels:
0 Helpful
2 Replies 2

Frank DeNofa
Cisco Employee
Cisco Employee

‎06-06-2016 06:19 AM

hmdavies,

I don't foresee any issues with this. If everything is in a unique VRF, all of our traffic and crypto processes should be segregated and should not cause any conflicts. Did you have a proposed config snippet you can share?

HTH,

Frank

0 Helpful

hmdavies
Level 1
Level 1
In response to Frank DeNofa

‎06-07-2016 06:09 AM

many thanks for your feedback, no configs yet as this is at the concept stage at present

Regards

Howard

0 Helpful
Customers Also Viewed These Support Documents