From: Erick B. (erickbe@xxxxxxxxx)
Date: Tue Jan 02 2001 - 18:11:55 GMT-3
Have you tried 'no ip route cache' on the BVI
interface. I ran into a similar problem where
fast-switching on the BVI was broke in 12.1(4) and
recent T releases. The first packet went through then
everything after which was cached didn't go. Cisco TAC
coudln't dupe the problem and was puzzled.
Anyone know a source for cheap flash for a 800 router?
I need to upgrade my home router so I can practice
IPSec. MemoryX wants $200'ish for a 8 meg Kingston
flash.
--- Sam Munzani <sam@munzani.com> wrote:
> Hi Group,
>
> I just came across a bug that is worth sharing with
> you fine people out =
> there.
>
> If you apply crypto map to a BVI interface, your
> IPSEC VPN doesn't work. =
> The first packet will go through and then it will
> die.
>
> You would love to use BVI in redundant ISP Router
> environment like =
> below.
>
> ISP Router-1 ISP Router-2
> | |
> S/W ------------ S/W
> | /
> | /
> | /
> | /
> VPN Router
> |
>
> E0 and E1 of VPN router is connected to those 2
> switches and creates a =
> BVI. E2 connects to inside of the network.=20
>
> This will not work.
>
> Regards,
>
> Sam
>
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:21 GMT-3