From: Fabrice Bobes (study@6colabs.com)
Date: Thu Jun 12 2003 - 19:46:21 GMT-3
(Sorry if it's a duplicate but I don't think this message went through
the first time.)
Todd and Leo,
My understanding is that you should apply it to the Tunnel interface
only but it doesn't hurt to apply it also on the physical interface.
On older releases, you needed to apply the crypto map on both the Tunnel
interface and the physical interface.
I don't see the point of applying the crypto map on the loopback
interface, traffic is not flowing through it. Maybe I am missing
something here.
In other words you should have something like:
Crypto map vpn local-address lo0
Int lo0
Ip add x.x.x.x 255.255.255.0
Int e0
Ip add y.y.y.y 255.255.255.0
Int tu0
Ip add z.z.z.z 255.255.255.0
Crypto map vpn
Thanks,
Fabrice
http://www.6colabs.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Leo Seto
Sent: Thursday, June 12, 2003 12:32 PM
To: Todd Carswell; ccielab@groupstudy.com
Subject: RE: Applying crypto maps -- Tunnel, Physical or both?
put it on the tunnel and loopback. Then you might try a:
crypto map [MYMAP] local-address [loopbackX]
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/
secu
r_r/sec_c2g.htm#1073947
HTH
-Leo
CCIE #11664
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Todd Carswell
Sent: Thursday, June 12, 2003 8:54 AM
To: ccielab@groupstudy.com
Subject: Applying crypto maps -- Tunnel, Physical or both?
I've got a basic VPN config w/ GRE tunnels. My tunnel source is loo0 on
both ends of the VPN. Where should I apply my crypto map? The tunnel,
the loopback, or the physical interface? All three???
Thx
Todd
This archive was generated by hypermail 2.1.4 : Fri Jul 04 2003 - 11:10:57 GMT-3