[c-nsp] bogus VPN info on cisco.com
Sergio Ramos
sramos at sapphire.gi
Thu Oct 26 02:52:04 EDT 2006
Hi!
Have you tried the reverse-route command applied to the crypto map?
crypto dynamic-map dynmap 10
set transform-set myset
reverse-route
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/
secur_r/sec_r1g.htm#wp1094887
regards,
Sergio.
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Robert E.
Seastrom
Sent: 26 October 2006 03:59
To: cisco-nsp at puck.nether.net
Cc: rs at seastrom.com
Subject: [c-nsp] bogus VPN info on cisco.com
Yeah yeah, I know, Cisco getting it wrong in a sample config? Oh,
that never happens, perish the thought!
But I do in fact have a need to accomplish exactly what is shown at:
http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configura
tion_example09186a00801c4246.shtml
Note the VPN pool is on the same subnet as Ethernet 0/1. This means
that the router will have to respond to arps for interfaces in that
range when they are active. It doesn't. Tried arp blah blah blah
alias; the router responds to the arps fine then but the data doesn't
flow.
Anyone have any ideas or a similar config that they've actually gotten
to work? I've tried a 1710 and a 2621, running 12.3 and 12.4
mainline.
Thanks,
---Rob
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list