From: Sadiq Yakasai (sadiqtanko@gmail.com)
Date: Fri Feb 13 2009 - 18:25:13 ARST
I was thinking, is it possible to do this peering authentication based on
rsa signatures/certificates?
Maybe thats when this command comes in handy........ not sure though..
Sadiq
On Fri, Feb 13, 2009 at 8:13 PM, Edouard Zorrilla <ezorrilla@tsf.com.pe>wrote:
> Tim,
>
> Peer is inside the crypto map, so I would not worry about peer definition
> inside global config,
>
> Regards
>
> ----- Original Message ----- From: "Tim" <ccie2be@nyc.rr.com>
> To: <security@groupstudy.com>; <ccielab@groupstudy.com>
> Sent: Friday, February 13, 2009 2:37 PM
> Subject: FW: L2L VPN in IOS
>
>
> Hi Guys,
>>
>>
>>
>> Does the 2nd line ever make sense given the first line and the 2 ip
>> addresses are the same?
>>
>>
>>
>> crypto isakmp key CISCO address 136.1.123.12
>>
>>
>> !
>>
>>
>> crypto isakmp peer address 136.1.123.12
>>
>>
>>
>> I came across this example a while back before I knew a thing about VPN's.
>> But, as I look at it now, it seems to me the 2nd config line is just
>> redundant
>>
>>
>>
>> and shouldn't be needed. In fact, I can't think of a reason or scenario
>> where that 2nd line would ever be necessary.
>>
>>
>>
>> Does anybody have an example where using that 2nd line makes sense?
>>
>>
>>
>> Thanks kindly,
>>
>>
>>
>> Tim
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>
-- CCIE #19963Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:11 ARST