X hits on this document

PDF document

Cisco AVVID Network Infrastructure IP Multicast Design - page 71 / 98

222 views

0 shares

0 downloads

0 comments

71 / 98

Chapter 6

IP Multicast in a Site-to-Site VPN

VPN Deployment Model

Access List Configuration for Encryption

The access list entries that define the traffic to be encrypted must be mirror images of each other on the IPSec peers. If the access list entries include ranges of ports, then a mirror image of those same ranges must be included in the remote peer access lists. The addresses specified in the access lists are independent of the addresses used by the IPSec peers.

In the examples below, GRE entries have been specified for both source and destination addresses. The source address is the local router's side of the ISP connection and the destination address is the ISP connection on the other router's interface. All traffic encapsulated in the GRE packets will be protected.

The examples below show the same flow for the ACL. The name of the ACL and the unique addresses are the only differentiating factors.

Head-End

Following is the ACL configuration for VPN-HE-1.

ip access-list extended toBranch1

permit gre host 131.108.1.1 host 131.108.101.1 ip access-list extended toBranch2

permit gre host 131.108.1.1 host 131.108.102.1

Following is the ACL configuration for VPN-HE-2.

ip access-list extended toBranch2

permit gre host 131.108.1.5 host 131.108.102.1 ip access-list extended toBranch1

permit gre host 131.108.1.5 host 131.108.101.1

Branch

Following is the ACL configuration for VPN-Branch-1.

ip access-list extended toHE-1

permit gre host 131.108.101.1 host 131.108.1.1 ip access-list extended toHE-2

permit gre host 131.108.101.1 host 131.108.1.5

Following is the ACL configuration for VPN-Branch-2.

ip access-list extended toHE-2

permit gre host 131.108.102.1 host 131.108.1.5 ip access-list extended toHE-1

permit gre host 131.108.102.1 host 131.108.1.1

Cisco AVVID Network Infrastructure IP Multicast Design

956651

6-7

Document info
Document views222
Page views222
Page last viewedWed Dec 07 09:12:32 UTC 2016
Pages98
Paragraphs2650
Words25637

Comments