Stretching a L2 broadcast domain over a L3 IPSec VPN

Hi Team,
I would like to stretch 1 broadcast domain over 2 geographically separate locations
connected together with an IPSec VPN Tunnel.
My routers don’t support L2TP.
Was thinking of trying a GRE L2 Tunnel on top of the IPSec VPN Tunnel.
Do you have any other ideas or protocols?
P.S. I know that the idea of stretching L2 broadcast domains is not smart but there are some special requirements on this project related to the timely migration of several servers.

Hi, you can use DMVPN with IPsec, which uses mGRE; this can encapsulate unicast and multicast. With an IP helper address you can forward the broadcast.


Hello V.T.

There are various ways to achieve this, however, it depends upon the equipment you have, and the services provided by the ISP involved.

L2TP would have been the most direct solution, but you can also try an Ethernet over GRE Tunnel if your equipment supports it:

Alternatively, you can speak to your ISP and see what solutions they can provide you with for a temporary L2 link for your migration.

Can you share with us the devices you are using so we can more appropriately suggest other possible solutions?

I hope this has been helpful!


Hi NL community,
I finally used the protocol stack below.
The IPSec firewalls did not support GRE, so I had to use 2 SRX for the GRE Tunnel.
It worked well.
Thanks Marco & Laz for your feedback!

Hello V.T.

Thanks for sharing your solution with the community!!