ipsec over mpls network

Is it possible to run Ipsec (Both tunnel or transport mode) over an MPLS (SP) Network? thanks in advance .

Reply to
Loading thread data ...

Yes, it is. We have some banks running such setup over telecom MPLS network.

Reply to


a normal MPLS telco setup doesnt have anything "MPLS specific" on the CE (router on the telco side of the demarcation), so IPsec can be used on it like any other feature.

the main stumbling block is if the telco doesnt want to do this, or you want to manage your own security keys (since 1 reason to do this is to protect you from the telco itself).

in those cases you may be able to get a service where you run the CE routers rather than the telco (a lot of telcos operate this style of service for outsourcers or SIs), or you can add another device to handle tunnels between the CE router and your LAN. i have seen both styles of service work well.

Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.