We are running HUB & SPOKE Method. HUB is the PEER Router and Spoke are Branch Offices.
Note: 2" PEER Router at HO
The IPSec is established between the HUB & SPOKE Routers. Normally the scenario is: For a Spoke Location when it formed a IPSec session with one HUB Router, when i execute "sh ip route <spoke_LAN_segment>" at PEER Router the results will be know via "STATIC" with which the Crypto Peer has established and in other PEER Router the result will be know via RIP.
Now, in-recent days, we are receving complaints from many SPOKE Locations, unable to open the Application from 2/5" PC's out of 10" PC's for eg.
During this situation, when i execute the "sh ip route <Spoke_LAN_Seg>" the results is known via "STATIC" at both the PEER Router.
In a worst case, we swap the PEER Router relationship and clear the Crypto / SA / Sesssion.
Can someone help / clarify on the same. Thanks in Advance for all your HELP.
Guru Prasad R