cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
766
Views
0
Helpful
2
Replies

GETVPN....

iqbal-zeeshan
Level 1
Level 1

Hi,

Getting strucked in configuring in GETVPN, all GM's are connected and working fine with KS and share routes for Data Center, how can i connect with DR of all my GM's as they have only one WAN interface which is connected with WAN.

Kindly advice. Thanks in advance

Ragards

2 Replies 2

Collin Clark
VIP Alumni
VIP Alumni

Create second GETVPN. On the key servers in the DR site define a second group. On the GM you'll have a second group configured there. Make sure the policies on each KS don't interfere with the others.

Here's a great doc on GETVPN including using multiple groups.

http://tools.cisco.com/search/display?url=http%3A%2F%2Fwww.cisco.com%2Fen%2FUS%2Fprod%2Fcollateral%2Fvpndevc%2Fps6525%2Fps9370%2Fps7180%2FGETVPN_DIG_version_1_0_External.pdf&pos=5&strqueryid=1&websessionid=q5jCd5qhE75u98N8r0O00fG

Hope it helps.

Hi Collin,

First Thanks for your reply, i did the same thing which you mentioned in your reply and now its working. But still there is an other issue of maintaining crypto sessions in GM. One cryto session becomes IDLE and DOWN autometically within few minutes althrough there is intersting traffic from DR & DC,after that i have to remove crypto map from GM interface and apply it back than its working fine. Again after few minutes its happening back again.

Kindly find the attached files of KS (DC and DR) and GM. In GM you can find the down and up crypto session. Kindly advice do i need any futher configuration.

Thanks in advance.

Regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: