Tunnelling between serial interface

I would like to setup tunnelling between 2 serial interfaces in our CISCO 7206 so that both locations have got a secure point to point connection.

If I do a tunnelling between these 2 interfaces, what would be an added advantage apart from the fact that it is already point to point at the moment ?

CISCO 7206

Serial interface 1/0/1:0
ip address 10.10.1.9
encapsulation ppp

serial interface 1/0/2:0
ip address 10.10.1.13
encapsulation ppp  

Here is the setup

Location1  (cisco router 1702 )   <----------- T1 ------------>  CISCO 7206  <----------------- T1------------------->  Location 2 (Adtran router)

CISCO router 1720 config :
------------------------------

serial 0
ip address 10.10.1.10

Fastethernet 0
ip address *.*.*.9

ip route  0.0.0.0 0.0.0.0  serial0

Adtran router config:
------------------------
WAN IP :10.10.1.14
Far End IP :10.10.1.13

LAN IP : *.*.*.13

Thanks
SR
LVL 49
sunray_2003Asked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
That's a good, cost effective solution. I would suggest the RV042/RV082 model Linksys...
0
 
lrmooreCommented:
This one's easy. No can do GRE tunneling to Adtran. Period.
No real added value. I know I led you down this path to think about it, but I forgot about the Adran Netvanta not being capable...
0
 
sunray_2003Author Commented:
We have Adtran Totalaccess 612 router.
I donot think that has that capability too.

In order to understand about this tunnelling , lets say If I have cisco 1702 at both of these locations , will I be doing the actual tunnelling between these cisco 1720s or will I be doing something in both CISCO 1720 and the CISCO 7206 ?

0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
lrmooreCommented:
A GRE tunnel is strictly between the two endpoints irrespective of what is in between them.
The tunnel appears as another interface that you can route through. Data is encapsulated in GRE packets, but not encrypted. You can add encryption through the tunnel.

Here's an example. Disregard the IPX information, but yes, this is also how you would have to tunnel IPX across the internet that is not IPX capable.
http://www.cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a0080093f70.shtml
0
 
sunray_2003Author Commented:
Thanks..

Just thinking if there would be a good solution for this..

Is there a way to do a private network between these 2 locations that I had mentioned so that , file sharing , plotter sharing can be done. The reason I am concerned is that both locations have got a public IP address. If they open up ports 135 through 139 on the linksys and Adtran router , that wont be totally safe as they have public IPs..

Before this they had a point to point T1 between 2 locations (direct and not through any router) and they have private IP on one router and private IP on the other router and hence were able to do mapping drive , share plotters etc..

I am not quite sure about the security and the doability..

Any suggestions.

SR
0
 
lrmooreCommented:
IPSEC w/GRE VPN would be a good solution if you replace the Adtran, and probably have to upgrade the 1720 also.
You are very wise to consider this a huge risk to open it up with public IP's.

0
 
sunray_2003Author Commented:
Though it may not take much time to do so , how about the option of purchasing a VPN router from Linksys ( http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=589)..

I know I can do the VPN work on the CISCO 1720 but as you know I want to give the control of the internal network to the customer as they already have an IT person who can take care of it..

PC <---> LINKSYS VPN router <---->  CISCO 1720    on one location

PC <---->Linksys VPN router <------> Adtran total Access on another location.

The Adtran is kept at the other location cos that location has got both Data and Voice ..
0
 
sunray_2003Author Commented:
The VPN router that you had suggested is an excellant choice. We tested in our lab and did put at the customer premise and is functional.. Thanks so much

SR
0
 
lrmooreCommented:
very cool....
0
 
sunray_2003Author Commented:
Lrmoore,

We got a RV082 for our office which has around 25 machines and this router is working rock solid. The dual WAN capability is really a nifty feature.. Just wanted to inform you as i was not aware of this linksys product prior to your suggestion

SR
0
 
lrmooreCommented:
That's great! Thanks for the update!
0
All Courses

From novice to tech pro — start learning today.