Mix of L2 and L3 VPN tunnels?

  • 1
  • Question
  • Updated 5 years ago
  • Answered
I'm wondering if it's possible to create a mix of different types of VPN tunnels between a CVG and BR200, or if there is another way to configure the following scenario.

A company with several branchoffices want to have a guest-network (internet access only) that not tunneled, a branch subnet that’s routed with capability to reach central resources (L3 VPN) and a VOIP network that’s managed centrally (L2 VPN)
Photo of Erik Gunnarsson

Erik Gunnarsson

  • 38 Posts
  • 6 Reply Likes

Posted 5 years ago

  • 1
Photo of Andrew Garcia

Andrew Garcia, Official Rep

  • 368 Posts
  • 120 Reply Likes
The CVG can be configured in either Layer 2 VPN or Layer 3 VPN mode, but can not currently support both at the same time. Also, the BR200 does not suport Layer 2 VPN.

While it is certainly possible to support the three networks you describe with a BR200, you can not currently have centralized IP address distribution for the VoIP network. You could set up different addressing and VLANs for the VoIP and branch subnets, configure firewall rules as needed to access necessary resources for each, and input any DHCP options needed to support the VoIP infrastructure, but the addressing would be handed out by each BR.