From: Sam Munzani (sam@xxxxxxxxxxx)
Date: Tue Jan 02 2001 - 16:24:59 GMT-3
Interesting suggestion Justin. I think that would be it. Will let you know
my findings soon to you.
Sam
> Maybe it's not working because of Spanning Tree. If you make the VPN
router
> the root bridge it may then work as both ethernet ports would be
designated
> and forwarding.
>
> Regards,
>
> Justin Menga CCIE #6640 MCSE+I CCSE
> WAN Specialist
> Computerland New Zealand
> PO Box 3631, Auckland
> DDI: (+64) 9 360 4864 Mobile: (+64) 25 349 599
> mailto: justin.menga@computerland.co.nz
>
>
> -----Original Message-----
> From: Sam Munzani [mailto:sam@munzani.com]
> Sent: Wednesday, 3 January 2001 7:49 a.m.
> To: ccielab@groupstudy.com
> Subject: BVI and IPSEC bug
>
>
> Hi Group,
>
> I just came across a bug that is worth sharing with you fine people out =
> there.
>
> If you apply crypto map to a BVI interface, your IPSEC VPN doesn't work. =
> The first packet will go through and then it will die.
>
> You would love to use BVI in redundant ISP Router environment like =
> below.
>
> ISP Router-1 ISP Router-2
> | |
> S/W ------------ S/W
> | /
> | /
> | /
> | /
> VPN Router
> |
>
> E0 and E1 of VPN router is connected to those 2 switches and creates a =
> BVI. E2 connects to inside of the network.=20
>
> This will not work.
>
> Regards,
>
> Sam
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:21 GMT-3