VPN questions

Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users ■■■■■■■■□□
I am currently upgrading my router to an IOS version that can handle Zone Based Firewalls. In the mean time, I have a few questions.

I know VPNs can be implemented on the lan, but can the be implemented between certain sub interfaces on the same (or different) routers. For an example say you have this config


R1 >> R2

R1 has s0.01 (ip address 10.0.1.1) and R2 has s0.01 (10.0.1.2)
R2 has s0.02 (ip address 10.0.2.1) and R2 has s0.02 (10.0.2.2)
Could you implement a VPN over these point to point interfaces.

Is it possible to implement a vpn over sub interfaces on the same router?

Lets say R1 fe port is running dot1q and there are "special" vlans that need extra security. Could you have a vpn running between certain subinterfaces?

Comments

  • networker050184networker050184 Posts: 11,962Mod Mod
    Between two routers point to point yes. I don't think you can configure an IPSEC VPN from a router back to itself though.
    An expert is a man who has made all the mistakes which can be made.
  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users ■■■■■■■■□□
    Between two routers point to point yes. I don't think you can configure an IPSEC VPN from a router back to itself though.

    Thanks. I was looking at the ISCW CBTs and it wasn't clear. It just stated that you could do a lan based vpn (rather than the traditional wan based vpn). Now that I think about my second question, it would be stupid. There would be no key exchange because it would be the same router. ...

    I need to brush up on vpns before the test.
Sign In or Register to comment.