We're buying a service from a provider and they said we need to have a device that can manage IPsec over L2TP (not the opposite). PIX should not be able to manage that kind of encapsulation (I'm investigating on it, it's a PIX515 with finesse 7.0.2) and I'm looking for the cheapest solution to build the tunnel.
They say the minimum requirements are 12.4, 128 MB RAM, 32 MB Flash and encr./decry. module and they suggest at least a
1812-K9 router.Cisco published one of the first documents about the topic in November 2000. So I think that even a rather old hardware (OK not all old devices) can manage that kind of tunnel. Do you have any idea if I can use hardware like 1720 series or 870 series or a 3640 router?
Moreover is it possible to split the de-encapsulation process by two and let the PIX decrypt the IPsec and forward the L2TP packets to another device that will de-encapsulate them? They say that would be better to have the same device acting both the decryption/de-encapsulation.
TIA for your suggestions, opinions.
Alex.