[vpn] Transparent bridging over Cisco VPN?

Stephen Hope Stephen.Hope at energis.com
Mon Jun 24 08:03:06 EDT 2002 

I don't think either the VPN 3000 or the 800 series routers support bridging
or routing of Appletalk. I found a ref. To bridging support on 800 series in
the release notes. 

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121relnt/800
/rn800t.htm
<http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121relnt/80
0/rn800t.htm> 

But that may not support a VPN tunnel.

VPN 3000 doesn't seem to mention anything in the docs apart from IP.

So, if you want to use either Appletalk routing or bridging you may need
some the larger (read more expensive) Cisco routers at each end of the
tunnel. I would suggest a 1700 series box at the remote site, and 2600 or
bigger at the centre if you have a lot of remotes. These and others can
support hardware encryption if you need high bandwidth.


It is a long time since Appletalk was a common protocol, but whenever I have
built a network supporting it over a WAN I have used routing, which works
reasonably well. I wouldn't want to bridge it across a WAN, due to the
amount of background traffic an Appletalk end system generates.


There is a standards based protocol called "AURP" which tunnels Appletalk
over IP. It also has some tools to remap network numbers and reduce overhead
traffic. It is supported in cisco IOS (but not on 800 series). The end
points are effectively Appletalk routers, with the tunnel acting as a
logical network link between them.

Alternatively, the L2TP  and PPTP protocols can support Appletalk routing
and bridging, but you will need an implementation that will work with your
other system components. Don't know of any off hand.......

Stephen

-----Original Message-----
From:	schowning [mailto:steve at rotdoctor.com]
Sent:	Friday, June 21, 2002 4:26 PM
To:	jt; vpn at securityfocus.com
Subject:	Re: [vpn] Transparent bridging over Cisco VPN?

Open Door Networks has some client software that converts AppleTalk 
to TCP/IP which should then be able to be transmitted over any normal 
network. Check out:
http://www.opendoor.com/shareway/
for more info.

Steve Chowning

>How about redirecting the vpn tunnel to the internet router and then
>tunneling the appletalk in an IP friendly packet to the remote site?
>
>JT
>
>
>----- Original Message -----
>From: "Jim Dueltgen" <jimd at lmi.net>
>To: <vpn at securityfocus.com>
>Sent: Thursday, June 20, 2002 6:16 PM
>Subject: [vpn] Transparent bridging over Cisco VPN?
>
>
>>  I'm wondering if anyone knows whether or not the Cisco 3000-series
>>  VPN servers (or any other VPN concentrator you're familiar with)
>>  support protocol-transparent bridging to remote hardware clients,
>>  such as the Cisco 806 Broadband router or the VPN 3002 Hardware
>>  Client.  The literature for the 806 seems to suggest it's possible at
>>  that end but I can't find anything one way or the other on the
>>  3000-series.  The question is being driven by the need to support
>>  Appletalk over a VPN sooner than all the end-users can reasonably
>>  upgrade to OS X which would eliminate the need to use Appletalk and
>>  transparent bridging.  I've done this in point-to-point applications
>>  with low-end FlowPoint/Efficient DSL routers but that won't work for
>>  us in this situation.  Any guidance would be appreciated.
>>
>>  Regards,
>>
>>
>>  - Jim Dueltgen
>  >    LMi.net
>  >
>  > VPN is sponsored by SecurityFocus.com
>  >
>
>
>VPN is sponsored by SecurityFocus.com


-- 
"Face piles of trials with smiles. It riles them to believe that you 
perceive the web they weave" - Moody Blues

VPN is sponsored by SecurityFocus.com


********************************************************************************************************
This e-mail is from Energis plc, 50 Victoria Embankment, London, EC4Y 0DE, United 
Kingdom, No: 2630471.

This e-mail is confidential to the addressee and may be privileged. The views 
expressed are personal and do not necessarily reflect those of Energis. If you are not 
the intended recipient please notify the sender immediately by calling our switchboard on 
+44 (0) 20 7206 5555 and do not disclose to another person or use, copy or forward 
all or any of it in any form.

********************************************************************************************************


VPN is sponsored by SecurityFocus.com

More information about the VPN mailing list