TOPIC: VPN-less remote access using Starlink and Cisco router (config)

VPN-less remote access using Starlink and Cisco router (config) 13 Feb 2022 07:01 #1

For those who might be interested, below is working config for Starlink based on Cisco routers (replacing original Starlink router).

Important notice, before you use Cisco as Starlink router.
Make sure you understand backplane capacity and PPS throughput for selected Cisco model and map it to typical Starlink speed (up to 300Mbps down/30Mbps up).

Important notices to evaluate prior going to IPv6 path.
1. Note that even below config contains working IPv6, at this stage none of SunSDR transceivers support IPv6, and according to EE there are no plans to get this functionality on existing HW models.
2. Note that in longer term Starlink will start to support IPv4 public on outbound interfaces, hence IPv6 config will be not needed for SunSDR purposes.
3. Note that if you wish to use existing IPv4 on SunSDR and translate in into outbound public IPv6, you have to look at IOS-XE (minimal v16.X) models (4000-series and up). Fully tested NAT46 config is below.
4. Note important restrictions for NAT46:
- Fragmented packet is not supported.
- Maximum Transmission Unit (MTU) discovery after converting to IPv6 packets is not supported.
- Virtual Routing and Forwarding-aware NAT 46 is not supported
- Both NAT44 (static, dynamic, and PAT) configuration and stateful NAT46 configurations are not supported on the same interface.
5. In common SunSDR remote topology, the outbound interface of the site, where ESDR3 PC is located must use IPv6 public address.

Basic config with IPv4 and IPv6 (works on all IOS 15.X+ models)
Extended config with NAT 46 (Translates IPv4 address of SunSDR to IPv6 public IP; work on all IOS XE Gibraltar 16.10.x models and above)
P.S. I am also will be testing working NAT / NAT64 config for Faucet. The results and specific SUnSDR-related config instructions will be posted here once ready.
Last Edit: 13 Feb 2022 07:04 by VK6NX.
