EzVPN with CSM

Unanswered Question
Aug 20th, 2007
User Badges:

I want to make an EzVPN site-to-site tunnel with CSM. The client side has a private ip address on the WAN interface. My problem is that I can not access the private ip address via the internet. However when I want to set up an EzVPN connection with CSM, the Wizzard needs two peers to do so. Is there a solution for this issue?(the userguide is not conclusive about this)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
beecher Fri, 08/31/2007 - 10:21
User Badges:
  • Cisco Employee,

If you don't have access to one or more of the participating nodes in the VPN, then the technique is to still define those nodes in CSM so they can be used in the VPN definition, however, when it comes time to deploy, choose deploy to file for the nodes which are not accessible. The unreachable devices will still of course need to be configured for the VPN to work and you can use this file deployed on the CSM server to identify what CLI is required on the device for the VPN to work.


This Discussion