L2 VPN inside an Already Established IPSec VPN
Greetings,
I have the situation illustrated in the graphic attached. My task is to establish a layer 2 VPN underlying the IPSec VPN (or some kind of connection that will support BGP and not demand a billion traffic selectors for the IPSec VPN). I have 3 devices to work with: Vyatta, pfSense, and MikroTik. Which device would be best, and what tech (VPN method) would be best in this scenario? Here are some requirements that need to be met:
- The networks on the LEFT will be dynamic and will be updated inside a massive BGP enterprise and passed to the Site 1 BGP process.
- The networks on the RIGHT will be generally static.
- The IPSec VPN is already established and is out of my control. Phase 2 traffic selectors include only the endpoints for the IPSec tunnel.
Any help would be greatly appreciated.