VPN - Routing between spokes!

Discussion in 'Cisco' started by Lars Molstad, Jan 26, 2004.

  1. Lars Molstad

    Lars Molstad Guest

    Hello,
    I have a VPN-Hub-router (3640 running IOS 12.3.5a) with about 200 spokes
    (using PIX 501 as spokes).

    I have been using a route-map associated with a Loopback interface for
    routing and access-control between the spokes, but route-maps is very
    CPU-intensive, and I wnat to get rid of the route-map configuration.

    I configured this in a lab with a 1712 and two PIX501's. The 1712 ran IOS
    12.2. This worked fine with the access-control applied to the same interface
    as the crypto-map. Then I configured the same on the production router, and
    no spokes could communicate with each other... I had to reapply the
    route-map to get the spokes up and running again..

    Anyone got a clue? Haven't had time to test with another 3640, or another
    software on the 1712 yet.... Need more RAM and FLASH in my lab to do
    this!!!!!!

    [email protected]
    CCNA, CCDA, CCNP, CCDP, CCSP, CQS-CSS1, CQS-IPTDS ...............(MCSE)
     
    Lars Molstad, Jan 26, 2004
    #1
    1. Advertisements

  2. Is the hub router running NAT? The route map is a trick usually used to
    allow NAT and VPN in the same box.
     
    Phillip Remaker, Jan 26, 2004
    #2
    1. Advertisements

  3. Lars Molstad

    Lars Molstad Guest

    Ahhh.. Problem solved!
    This might be a bug in IOS 12.2T and 12.3.
    I loaded 12.2.21b and got it working without policy-based routing!

    [email protected]
     
    Lars Molstad, Jan 29, 2004
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.