Unanswered Question
Aug 17th, 2009
User Badges:


I need to clarify some things about routing with DVTI on the Cisco 1801. I have a VirtualTemplate interface associated with a Dialer interface:

interface Virtual-Template1 type tunnel

ip unnumbered Dialer0

tunnel source Dialer0

tunnel mode ipsec ipv4

tunnel protection ipsec profile VTI_Profile

crypto isakmp profile VTI_Profile

keyring TEST

match identity address

client configuration address respond

keepalive 3600 retry 60

virtual-template 1

local-address Dialer0

Gateway of last resort is not set. I have PBR for incoming IPSec connections:

ip local policy route-map LOCAL

route-map LOCAL permit 10

match ip address 150

set interface Dialer0

route-map LOCAL permit 20

match ip address 152

set global

access-list 150 permit ip host any

access-list 152 permit ip any any

After IPSec tunnel is established the new interface VirtualAccess1 is appeared and route to remote LAN added to global route table:

S [1/0] via, Virtual-Access1

The ping from local LAN to remote LAN is not working until I add the default gateway. Is there route lookup action after packets pass through VirtualAccess interface?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
aleksei.timofeyev Tue, 08/25/2009 - 20:00
User Badges:


Could you look at Figure 3 at URL specified by you? If I configure different PBRs for inside interface,outside interface and VTI in what sequence they will be looked up?




This Discussion