Hi,
I’ve had a look around the web and have a few questions about EoIP.
I currently run a network where we need to extend LANs over a WAN but we need to encrypt the traffic. Service Provider networks such as Megastream Ethernet do not provide encryption and therefore we use hardware encryptors but this has proved to be expensive.
I am looking to re-engineer this network and drive down costs and have managed to do so by using L2TPv3 on a low-end Cisco router which gets encrypted (IPSec) by ASA 5505. The mirror image of this is at the other end. This is great for a point-to-point solution and is relatively cheap but ideally I would just like a multipoint solution that would satisfy my needs. Essentially I need something that is scalable.
Looking through some documentation on RouterOS I find the details a little hazy. I mean, my L2TPv3 network is like:
SW(dot1q)–>L2TPv3 Rtr–>ASA5505–>ISP–>ASA5505–>L2TPv3 Rtr–>Sw(dot1q)
How would it look like with RouterOS? Something like this?
SW(dot1q)–>RouterOS–>ISP–>RouterOS–>Sw(dot1q)
What kind of speeds could I expect to get especially considering I want IPSec between the two routers? Does it support dot1q tagging and point-to-multipoint?
Looking at the doc at http://wiki.mikrotik.com/wiki/Layer2_VPN_Server it appears that multipoint is supported but I cannot be sure. Also in the example VLAN 312 is created - does this have to be the same as the tunnel-id number and does that VLAN need to be added to my switch to which the router would be connected?
Assuming this does suit my needs (and bearing in mind encryption too), how much would it cost me to deploy at one site - approx?
Kind regards