Is it possible to run Ipsec (Both tunnel or transport mode) over an MPLS (SP) Network? thanks in advance .
- posted
18 years ago
ipsec over mpls network
Loading thread data ...
- Vote on answer
- posted
18 years ago
Yes, it is. We have some banks running such setup over telecom MPLS network.
- Vote on answer
- posted
18 years ago
yes
a normal MPLS telco setup doesnt have anything "MPLS specific" on the CE (router on the telco side of the demarcation), so IPsec can be used on it like any other feature.
the main stumbling block is if the telco doesnt want to do this, or you want to manage your own security keys (since 1 reason to do this is to protect you from the telco itself).
in those cases you may be able to get a service where you run the CE routers rather than the telco (a lot of telcos operate this style of service for outsourcers or SIs), or you can add another device to handle tunnels between the CE router and your LAN. i have seen both styles of service work well.