cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1917
Views
0
Helpful
4
Replies

Need Help with GET VPN

Arifuddinkhaja
Level 1
Level 1

Dear All,


I would like to have your valuable inputs on the below mentioned :

        1. We have 2800  + 7604 Routers. We need to run “GET VPN(Cisco Group Encrypted Transport VPN)” on the these routers. How can we run GET VPN on routers 2800 & 7604?

     2. Does it requires additional Module (or) Feature Set (or) License to run GET VPN on the 2800 & 7604 routers?

(Note: pls refer to the URL FYI : http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps7180/product_data_sheet0900aecd80582067.html)



Looking forward for ur prompt response..


Thanks & Brgds!!!

4 Replies 4

Marcin Latosiewicz
Cisco Employee
Cisco Employee

There is no problem to run GET on 2800.

However look into the link you just posted:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/ps7180/product_data_sheet0900aecd80582067.html

Table 2. Cisco Hardware Platforms That  Support Cisco GET VPN

There is no support for 7600 neither as KS not GM as far as I know.

Configuration guide for your 2800:

http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_encrypt_trns_vpn_ps6441_TSD_Products_Configuration_Guide_Chapter.html

Hope this helps, let me know once you have further questions.

Marcin

Hi!!

Thank u 4 ur prompt response.I wud lyk 2 know

1. Is it possible to run GET VPN on 7604 router wth additional module or feature set or license or any other bundles??

2. What is required to run GET VPN on 2801 router I mean feature, or license or module?. Pls let me know the part number for the same.

Appreciate ur early response.

Thanks & Warm Regards!!!!!!!!!!

Hey :-)

Ad.1) No, IPsec module (VPNSM or VPN SPA) for 7600 is highly specilized device.

http://www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/6500series/76ovwvpn.html

Group Encrypted Transport VPN (GETVPN)

N

N

N

N

N

N


Currently GET is not available on 7600 and 6500. I know the feature is not the roadmap, but you can get in contact with your Cisco SE for him to obtain more information from product team.

Ad.2) You need advanced security image (please consult feature navigator). There is not licensing needed in 12.4T train, I'm not aware of any changes in 15.0.

The configuration guide does not mentions any licensing.

For pre-requisites and restrictions have a look at configuration guide:

http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_encrypt_trns_vpn_ps10591_TSD_Products_Configuration_Guide_Chapter.html#wp1051757

Note that ISRs and ISR2g have built in crypto accelarator, it's far from performance AIM modules can reach but it's there.

edit: Rephrasing role of SE.

Following Devices are supported for GET VPN

Key Server:

ISR-G2 with 15.1 Image

1800

12.4(11)T

2800

12.4(11)T

3800

12.4(11)T

7200

12.4(11)T

7200-NPE-G2

12.4(11)T1

7201

12.4(11)T

7301

12.4(11)T

Group Member:

ASR 1002,1004,1006, ISR -G2 ( 15.1)


1800

12.4(11)T

2800

12.4(11)T

3800

12.4(11)T

7200

12.4(11)T

7200-NPE-G2

12.4(11)T1

7201

12.4(11)T

7301

12.4(11)T

871

12.4(11)T