01-21-2009 10:58 AM - edited 02-21-2020 04:07 PM
Hi Everyone,
I need to create a site-to-site IPSec VPN tunnel between 2 sites with layer 2 connectivity between the sites. That is, layer 2 broadcasts on one end of the tunnel will be seen on the other end.
Does the ASA5520 support this? If not, what Cisco routers/switches will provide this functionality?
Thanks in advance for your help. Ian.
01-21-2009 02:59 PM
Could you please explain why you need to have this setup?
To my knowledge, Cisco's Layer 2 VPN solution is just for carriers/ISPs.
02-09-2009 06:30 AM
Hi Kwu2,
Sorry for getting back to you so late.
A vendor is building a very large turnkey application for us that needs to be integrated into our network and communicate with existing devices on our network for acceptance testing during their build. They are located in another country. Once built, the system will be delivered to us.
There is a desire to:
- ensure the applications they are building can communicate at Layer 2 (i.e. same broadcast domain) to systems currently at our location.
- keep the same IP addresses when the system is shipped to us.
We are not sure that this is an absolute requirement; we will find out in the upcoming weeks. But in the meantime we wanted to know if it was even possible (without getting too involved with our ISPs).
Thx, Ian.
P.S. Our Security Architect said he did this 8 years ago with Nortel VPN devices and is surprised to hear that it is not easy to do with Cisco gear.