Netgate Discussion Forum

    L2 VPN inside an Already Established IPSec VPN

      jtkowtko

      CS2021-VPN-Solution.jpg

      Greetings,

      I have the situation illustrated in the graphic attached. My task is to establish a layer 2 VPN underlying the IPSec VPN (or some kind of connection that will support BGP and not demand a billion traffic selectors for the IPSec VPN). I have 3 devices to work with: Vyatta, pfSense, and MikroTik. Which device would be best, and what tech (VPN method) would be best in this scenario? Here are some requirements that need to be met:

      • The networks on the LEFT will be dynamic and will be updated inside a massive BGP enterprise and passed to the Site 1 BGP process.

      • The networks on the RIGHT will be generally static.

      • The IPSec VPN is already established and is out of my control. Phase 2 traffic selectors include only the endpoints for the IPSec tunnel.

      Any help would be greatly appreciated.

      Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.