05-10-2010 03:39 PM - edited 02-21-2020 04:38 PM
We currently have a couple of IPSEC SPAs that we are using to terminate site to site vpn tunnels in vrf mode. We are looking at leveraging this hardware to also terminate remote access vpn using PKI to avoid the aggressive mode security issues. I was hoping there would be some people out there that could point me towards some good resources that will help with the configuration of such a model. I've found some cisco documents on their website but it seems like the documents I found are trying to cover little bits of everything and leave holes when it comes to this specific deployment. If anyone has first hand experience they would like to share I would appreciate it. If you know of some documentation or Cisco Press books that would be of value I am open to that too.
Thanks!
11-17-2011 11:25 PM
hello David,
I have seen that there is no reply to this thread.
I was wonding if you managed to come across any good documentation and/or a configuration guide that could explain terminate "site to site ipsec tunnels in vrf - lite mode?
Many thanks in advance
11-18-2011 05:13 AM
Darin,
Conf example with fvrf = global and ivrf =x
Before you start implmenting:
Marcin
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: