Unanswered Question
Nov 23rd, 2009
User Badges:


Getting strucked in configuring in GETVPN, all GM's are connected and working fine with KS and share routes for Data Center, how can i connect with DR of all my GM's as they have only one WAN interface which is connected with WAN.

Kindly advice. Thanks in advance


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Collin Clark Mon, 11/23/2009 - 06:21
User Badges:
  • Purple, 4500 points or more

Create second GETVPN. On the key servers in the DR site define a second group. On the GM you'll have a second group configured there. Make sure the policies on each KS don't interfere with the others.

Here's a great doc on GETVPN including using multiple groups.

Hope it helps.

iqbal-zeeshan Mon, 11/23/2009 - 23:30
User Badges:

Hi Collin,

First Thanks for your reply, i did the same thing which you mentioned in your reply and now its working. But still there is an other issue of maintaining crypto sessions in GM. One cryto session becomes IDLE and DOWN autometically within few minutes althrough there is intersting traffic from DR & DC,after that i have to remove crypto map from GM interface and apply it back than its working fine. Again after few minutes its happening back again.

Kindly find the attached files of KS (DC and DR) and GM. In GM you can find the down and up crypto session. Kindly advice do i need any futher configuration.

Thanks in advance.




This Discussion