The MPLS WG Archive[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index][Thread Index][Author Index][Subject Index] AW: ISPs offering VPN service
Curtis Although I agree with the recommendation of using IPSEC for VPNs, unfortunately, the lack of deployed key management schemes that are interoperable between software and hardware vendors has caused quite a bit of headache. Also, if a company wants to tunnel voice or other types of services over the VPN (thereby making it multi-service) then I am not quite sure IPSEC still is the right answer. Bora Curtis Villamizar wrote: > In message <DB74A4E69C7CD311B740006008136E078D349B@MCHH213E>, Hummel Heinrich w > rites: > > > > 2) Establishing a VPN by a network administrator completely from his desk. > > Juha's "soft-LSP" scenario should even be extended to a "3rd-party LSP s > > etup" scenario. > > Use IPSEC and don't bother your provider at all. > > > 3) Routing between different (and not allied) VPNs while utilizing the instal > > led source- and destination-VPNs: > > Use IPSEC and don't worry about who in the VPN uses which provider. > > > What do you think? > > > > Heinrich > > You want to use IPSEC for the above. > > Some providers don't want to hear that because it means no added > revenue for maintaining the VPN but a while back they didn't want to > hear about IP because they couldn't charge per connection or per byte. > > If you want a single provider VPN where the customer has to have no > involvement in the management just pays someone (and relies on their > security), then use RFC2547. > > Curtis
|
|