[c-nsp] Can you apply crypto map to SVI
Ge Moua
moua0100 at umn.edu
Tue Jun 16 05:02:49 EDT 2009
Yes, this should work contigent on hw plaform. If you do a "sh cry
engine" do you see an active crypto engine in sw or hw? If not then the
crypto commands will never be invoked even though legal.
Regards,
Ge Moua | Email: moua0100 at umn.edu
Network Design Engineer
University of Minnesota | Networking & Telecommunications Services
Andy Saykao wrote:
> Hi All,
>
> Got a problem with a site-to-site IPSEC vpn implementation where one end
> is using SVI.
>
> Does any body know if a crypto map can be applied to a SVI to bring up
> the IPSEC tunnel? It accepts the command but I can't pass any traffic
> to/from it.
>
> interface vlan 10
> crypto map MY-MAP
>
> Or do you need to apply the crypto map to a physical interface?
>
> I've gotten it working on a sub-interface (eg: interface
> GigabitEthernet0/0.11) but can't find any documentation that talks about
> applying it to a SVI and whether this will work.
>
> Thanks.
>
> Andy
>
> This email and any files transmitted with it are confidential and intended
> solely for the use of the individual or entity to whom they are addressed.
> Please notify the sender immediately by email if you have received this
> email by mistake and delete this email from your system. Please note that
> any views or opinions presented in this email are solely those of the
> author and do not necessarily represent those of the organisation.
> Finally, the recipient should check this email and any attachments for
> the presence of viruses. The organisation accepts no liability for any
> damage caused by any virus transmitted by this email.
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list