Hello, I have this router as part of my DMVPN and I'd like to set up SSH to the outside interface. I have to create a rsa key but my options are as follows.
BLKLAN2800-1(config)#crypto key generate rsa ?
general-keys Generate a general purpose RSA key pair for signing and
usage-keys Generate separate RSA key pairs for signing and encryption
I've tried both as "un exported" and "exportable"
When I do this(modulus is 1024 btw) the DMVPN tunnels stop working and I get the error message below.
*Dec 29 19:43:34.039: %CRYPTO-4-IKE_DEFAULT_POLICY_ACCEPTED: IKE default policy was matched and is being used.
*Dec 29 19:43:34.067: %CRYPTO-4-IKE_DEFAULT_POLICY_ACCEPTED: IKE default policy was matched and is being used.
When I do a "sh cryp isa sa" I see this.
BLKLAN2800-1#sh crypto isa sa
dst src state conn-id slot status
x.x.x.x x.x.x.x MM_KEY_EXCH 1 0 ACTIVE
x.x.x.x x.x.x.x MM_KEY_EXCH 2 0 ACTIVE
any ideas on how I can implement ssh without interfering with the dmvpn portion?