VPN-IOS [7:1560]

[Arumugam Sundarum]

Hi,
I need to establish a single VPN connection between two routers...
One of them is a 2600 series router and the other is a 800 router.

The 2600 is using frame relay on one of its sub interface and connects to
the intenet (UUnet). The other has similar charteristics too.
Now, I know that the both its IOS has to be upgrade to 12.7, major release
and cisco specifies hte recommended size of RAM and ROM. Do we need to
follow these specifications strictly.

The IOS 12.7 has many type to choose from such as Enterprise IPsec, IPsec,
IPlus, blah,blah. Which is the most appropriate one to choose ??? 

WIth these IOS upgrade, Is it true that I can start specifiying the crypto
ISAKMP specification (IKE, MD5, SHA, etc,etc) in the IOS at both ends to
create a secured tunnel or do I ned to add something else too such as new
module cards,interface, etc.

Once I have created the tunnel, what test can be done to ensure that the
data transfered is secured ?

pls enlightened.

thanks in advance.

rgds.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1560&t=1560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VPN-IOS [7:1560]

[Jason J. Roysdon]

Get the most minimal IOS version that supports the features you need (just
sounds like you need IPSEC, but the Firewall feature set would be
recommended if you don't have something else, and it's going to add more
DRAM/Flash requirements as well).  Each additional feature set is going to
add more flash requirements and some DRAM (although they really start to eat
up the RAM when you use them).  Adhere the minimum DRAM specs (you have to
on Flash, or the image just won't fit), and I usually recommend to go
somewhat over in case you need to run a newer version for bug fixes that
requires it (plus I've seen a lot of router that had the recommended DRAM,
but still ran out and lost telnet access).

I suggest going over Cisco's VPN/IPSEC tutorial and review sample configs.
That should be the place everyone starts when considering implementing
something new:
http://www.cisco.com/warp/public/707/index.shtml#ipsec

--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/



""Arumugam Sundarum""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
> I need to establish a single VPN connection between two routers...
> One of them is a 2600 series router and the other is a 800 router.
>
> The 2600 is using frame relay on one of its sub interface and connects to
> the intenet (UUnet). The other has similar charteristics too.
> Now, I know that the both its IOS has to be upgrade to 12.7, major release
> and cisco specifies hte recommended size of RAM and ROM. Do we need to
> follow these specifications strictly.
>
> The IOS 12.7 has many type to choose from such as Enterprise IPsec, IPsec,
> IPlus, blah,blah. Which is the most appropriate one to choose ???
>
> WIth these IOS upgrade, Is it true that I can start specifiying the crypto
> ISAKMP specification (IKE, MD5, SHA, etc,etc) in the IOS at both ends to
> create a secured tunnel or do I ned to add something else too such as new
> module cards,interface, etc.
>
> Once I have created the tunnel, what test can be done to ensure that the
> data transfered is secured ?
>
> pls enlightened.
>
> thanks in advance.
>
> rgds.
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1561&t=1560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]