tunnels and crypto maps

Discussion in 'Cisco' started by Dan Lanciani, Mar 20, 2006.

  1. Dan Lanciani

    Dan Lanciani Guest

    The extremely helpful article:


    mentions that the long-standing anomaly that required crypto
    maps to be applied to tunnel interfaces in addition to the
    interfaces through which the encapsulated traffic flows has
    been eliminated as of 12.2(13)T. This raises the question:
    if you now apply a crypto map to a tunnel interface does it
    do what you would expect absent the historical anomaly, i.e.,
    encrypt traffic inside the tunnel? In other words, does the
    crypto map command applied to a tunnel interface now have the
    same semantics as on all other interface?

    I suspect the answer to my question is ``no'' since otherwise
    most of the complexity of the rest of the DMVPN implementation
    would be unnecessary: you could simply use a crypto map with
    a wildcard ACL on the tunnel interfaces and not have to worry
    about the dynamic external addresses. But I can dream...

    Dan Lanciani
    Dan Lanciani, Mar 20, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.