[c-nsp] bogus VPN info on cisco.com

Robert E. Seastrom rs at seastrom.com
Thu Oct 26 10:58:13 EDT 2006


Well, what do you know, it worked!  Many thanks!

                                        ---Rob


"Robert E. Seastrom" <rs at seastrom.com> writes:

> That looks as if it might work though it looks like it's for remote
> networks not the pool itself; I'll give it a try in an hour when I'm
> next to the box.
>
> Thanks,
>
>                                         ---rob
>
> "Sergio Ramos" <sramos at sapphire.gi> writes:
>
>> Hi!
>>
>> Have you tried the reverse-route command applied to the crypto map?
>>
>> crypto dynamic-map dynmap 10
>> set transform-set myset
>> reverse-route
>>
>> http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/
>> secur_r/sec_r1g.htm#wp1094887
>>
>>
>> regards,
>>
>> Sergio.
>>
>> -----Original Message-----
>> From: cisco-nsp-bounces at puck.nether.net
>> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Robert E.
>> Seastrom
>> Sent: 26 October 2006 03:59
>> To: cisco-nsp at puck.nether.net
>> Cc: rs at seastrom.com
>> Subject: [c-nsp] bogus VPN info on cisco.com
>>
>>
>> Yeah yeah, I know, Cisco getting it wrong in a sample config?  Oh,
>> that never happens, perish the thought!
>>
>> But I do in fact have a need to accomplish exactly what is shown at:
>>
>> http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configura
>> tion_example09186a00801c4246.shtml
>>
>> Note the VPN pool is on the same subnet as Ethernet 0/1.  This means
>> that the router will have to respond to arps for interfaces in that
>> range when they are active.  It doesn't.  Tried arp blah blah blah
>> alias; the router responds to the arps fine then but the data doesn't
>> flow.
>>
>> Anyone have any ideas or a similar config that they've actually gotten
>> to work?  I've tried a 1710 and a 2621, running 12.3 and 12.4
>> mainline.
>>
>> Thanks,
>>
>>                                         ---Rob
>>
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list