I currently work for a company that now has the need to share or "extend" one of our internal VLAN's to our disaster recovery site. We currently have an IPSEC tunnel between these two sites between 3745 routers on each end. From what I have read, the best way to accomplish this is to use a GRE tunnel between switches at each site. I have a 6509 at the home office and 4006 at the DR site. Here are some of the questions I would love to find answers to.
The end result we are looking for is to have 2 different servers live on the same ip segment (vlan) in 2 different geographical locations (home office & DR)
1. are the switches the best place to terminate these GRE tunnels?
2. Will this even accomplish the end result we are wanting?
3. Would this be better to do using PIX firewalls on each end (I have some extras at my disposal)
Any insight/expertise you can provide would be greatly appreciated. Let me know of any questions you need answered that would allow you to better answer my questions. Thanks in advance.
-Steve
The end result we are looking for is to have 2 different servers live on the same ip segment (vlan) in 2 different geographical locations (home office & DR)
1. are the switches the best place to terminate these GRE tunnels?
2. Will this even accomplish the end result we are wanting?
3. Would this be better to do using PIX firewalls on each end (I have some extras at my disposal)
Any insight/expertise you can provide would be greatly appreciated. Let me know of any questions you need answered that would allow you to better answer my questions. Thanks in advance.
-Steve