Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
388
Views
0
Helpful
1
Replies

IPSEC between devices with a single interface

Not applicable

‎07-04-2017 11:08 AM - last edited on ‎02-21-2020 09:21 PM by Community Manager

Hello,

This is a generic question about an IPSEC tunnel which is to run between 2 devices which have a single physical interface on each side of the tunnel...

My concern is how the crypto ACLs will behave when traffic hits the interface inbound and needs to be sent across the tunnel, and how the crypto ACLs should be applied on the opposing side to ensure there is no duplicated encryption...

Also, does a routing decision get made after the crypto ACL decides wether or not to send traffic across the tunnel? i.e will a permit ACL send across to the other side of the tunnel ignoring the local routing table for a potentially routable destination?

Has anyone had a similar issue? Is the solution possible?

Any help would would be greatly appreciated.

Thanks

Labels:
0 Helpful
1 Reply 1

Philip D'Ath
VIP Alumni
VIP Alumni

‎07-04-2017 12:55 PM

If these are routers, use VTI tunnels.

0 Helpful
Customers Also Viewed These Support Documents