VPN - Routing between spokes!

Discussion in 'Cisco' started by Lars Molstad, Jan 26, 2004.

  1. Lars Molstad

    Lars Molstad Guest

    I have a VPN-Hub-router (3640 running IOS 12.3.5a) with about 200 spokes
    (using PIX 501 as spokes).

    I have been using a route-map associated with a Loopback interface for
    routing and access-control between the spokes, but route-maps is very
    CPU-intensive, and I wnat to get rid of the route-map configuration.

    I configured this in a lab with a 1712 and two PIX501's. The 1712 ran IOS
    12.2. This worked fine with the access-control applied to the same interface
    as the crypto-map. Then I configured the same on the production router, and
    no spokes could communicate with each other... I had to reapply the
    route-map to get the spokes up and running again..

    Anyone got a clue? Haven't had time to test with another 3640, or another
    software on the 1712 yet.... Need more RAM and FLASH in my lab to do

    [email protected]
    Lars Molstad, Jan 26, 2004
    1. Advertisements

  2. Is the hub router running NAT? The route map is a trick usually used to
    allow NAT and VPN in the same box.
    Phillip Remaker, Jan 26, 2004
    1. Advertisements

  3. Lars Molstad

    Lars Molstad Guest

    Ahhh.. Problem solved!
    This might be a bug in IOS 12.2T and 12.3.
    I loaded 12.2.21b and got it working without policy-based routing!

    [email protected]
    Lars Molstad, Jan 29, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.