[c-nsp] Anyone running an NPE-G1 with an SA-VAM?

Simon Hamilton-Wilkes simon at jettis.com
Fri Oct 22 23:23:24 EDT 2004


12.2(15)T14 seems to work so far.
The issue I had with IPSEC was that 1/2 a crypto access-list would work,
while the second half would not, and I'd get quick mode failure messages in
the logs - the ACL concerned is only 11 lines.
Another part of the fun was downgrading to 12.2 after 12.3 had encrypted my
AAA secret keys...

12.3 mainline will happen at some point, don't know when I'll be brave
enough to try 12.3.11T though.

Simon 

-----Original Message-----
From: Luan Nguyen [mailto:luan.m.nguyen at gmail.com] 
Sent: Friday, October 22, 2004 8:15 PM
To: Temkin, David
Cc: Simon Hamilton-Wilkes; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Anyone running an NPE-G1 with an SA-VAM?

There are some problem with GRE - ipsec can't process gre keep alive packets
on 12.3.11T.  If you don't need advance features of tech train then 12.3.10
mainline is worth considering.

On Fri, 22 Oct 2004 19:10:36 -0400, Temkin, David <temkin at sig.com> wrote:
> We are running NPE-G1 w/ SA-VAM2 (I know, somewhat different) - 
> however I did see instability until I went to 12.3.11T, including 
> memory leaks (some huge, some small).
> 
> 
> 
> 
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net 
> > [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Simon 
> > Hamilton-Wilkes
> > Sent: Friday, October 22, 2004 2:41 PM
> > To: cisco-nsp at puck.nether.net
> > Subject: [c-nsp] Anyone running an NPE-G1 with an SA-VAM?
> >
> > Having major issues finding a recent IOS which supports both without 
> > a major memory leak (the box fails within 8 hours), and with working 
> > IPSEC.
> >
> > We were running 12.2(14)S2 for the longest time, but they took IPSEC 
> > out of the service provider train.
> > Have been trying various 12.3T including 12.3(7)T4 and 12.3(8)T4, 
> > both of which have both the problems above.
> >
> > Suggestions gratefully received.
> >
> > Simon
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> >
> 
> 
> IMPORTANT: The information contained in this email and/or its attachments
is confidential. If you are not the intended recipient, please notify the
sender immediately by reply and immediately delete this message and all its
attachments.  Any review, use, reproduction, disclosure or dissemination of
this message or any attachment by an unintended recipient is strictly
prohibited.  Neither this message nor any attachment is intended as or
should be construed as an offer, solicitation or recommendation to buy or
sell any security or other financial instrument.  Neither the sender, his or
her employer nor any of their respective affiliates makes any warranties as
to the completeness or accuracy of any of the information contained herein
or that this message or any of its attachments is free of viruses.
> 
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



More information about the cisco-nsp mailing list