10-27-2008 08:14 AM - edited 03-04-2019 12:05 AM
All traffic being routed through the hubs and spoke to spoke tunnels wouldn't come up.
Tried for hours with CISCO engineers on the phone to fix an issues with DMVPN routing through the head ends and not the spoke to other spokes. Turns out is was the version of IOS I was running at the hubs.
I was running c7200-jk9s-mz.124.13b.bin and I am now running c7200-adventerprisek9-mz.124.15.T7.bin
Works beautifully now. This was an NHRP issue I don't know if one of you can through this in a solution database as I tried for a very long time to find a solution and there was nothing. If you need more detail please let me know. I have a TAC open for it SR 609892261, you should be able to grab loads of info from that if you can.
10-27-2008 02:31 PM
Hello Brent,
a Service Request is associated to a Service Contract and only CCO accounts associated to that Service Contract can access it.
So I don't think any of us ( the ones not working directly for Cisco) can access your SR.
And this is reasonable.
It is possible using my CCO account to access the Bug Toolkit(go to support and accesss the Bug toolkit) and look for IOS software 12.4.13b platform 7200 and keyword DMVPN starts a search:
if finds 11 bugs
for example it can be:
CSCsc72704
Dynamic spoke to spoke tunnel fails to establish in daisy-chained DMVPN
1st Found-In
12.4(5)M
Known Affected Versions This link will launch a new window.
Fixed-In
12.4(9)T2
12.4(9.15)T
12.4(6)T10
"Dynamic spoke to spoke tunnel fails to establish in daisy-chained DMVPN
In a daisy-chained DMVPN (Dynamic Multipoint VPN) environment, if the hub
router does not terminate both the GRE and IPSec tunnels on the same device,
then NHRP (Next Hop Resolution Protocol) traffic from the hub to a spoke
may be forwarded in clear instead of being encrypted, which subsequently
will be dropped on the destination spoke router. This can cause dynamic
spoke to spoke tunnel not to get established."
There is no known workaround at this time.
However, thanks for having signalled a problem that can occur to other network engineers.
Hope to help
Giuseppe
10-27-2008 03:42 PM
Hey Giuseppe!
yeah sorry I guess I was thinking Knowledge base would be the best .. I just would hate to see another administrator go through this one ;)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide