[c-nsp] Problem w/ outgoing IP on IPSEC tunnels
gkg at gmx.de
gkg at gmx.de
Wed Sep 21 02:57:36 EDT 2005
OK, now I'm officially convinced it's a bug ...
I tested setting the local-address entries back to Gig0/0, and the
router is STILL using the Loopback address for initiating outgoing
isakmp connections! I even removed the IP address from the loopback
interface, cleared the isakmp sa (which was active/MM_NO_STATE), waited
until it was off the show crypto list, and the router IS STILL USING the
d at mn loopback address! It's nowhere in the running config anymore! What
"clear" commands can I use (apart from the "great clear" called
"reload") to get the router to actually consider my changes to the
config??? This is not funny ... :(
So I recon the local-address does work, but requires some deeper magic
to actually change once a connection has been used or attempted...
Any insights appreciated ...
-gg
More information about the cisco-nsp
mailing list