cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
481
Views
2
Helpful
2
Replies
Ahmed Shahzad
Beginner

GETVPN on MPLS Cloud

Hi Gurus,

We would like to implement MPLS with Ingress PE NAT, so customer with overlapping IP addresses can access the shared services, as describe in the given document:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0080b40929.shtml#ingresspenat2

My Question is that can we run GETVPN between the PE routers, so satisfy the customer that all the customer traffic trying to access shared services are encrypted?

Best Regards,

Ahmed.

2 REPLIES 2
Lei Tian
Cisco Employee

Hi Ahmed,

I think that depends on where do you put the GMs. Basically, GETVPN doesn't work with NAT-T. So, if you want all customer CE and shared service CE in the same GETVPN group, then this won't work. However, if you want all PEs in the GETVPN cloud, then NAT will happen before encryption; so, that will work with no problem, but traffic from CE to PE is not encrypted.

Regards,

Lei Tian

Hi,

Thanks Lei for your response.

It means we can run GETVPN among PE and P routers without any problem. We can establish a separate point-to-point tunnel between CE and PE.

Do you have specific document showing configuration of MPLS on PE and P routers, along with GETVPN?

Best Regards,

Ahmed Shahzad.

Content for Community-Ad

This widget could not be displayed.