Problem with OSPF Adjacency (mGRE, NHRP, OSPF, IPsec)

Document

Oct 1, 2011 8:48 AM
Oct 1st, 2011

hi anybody! can you help to fix this problem?

on primary router (hub)

Oct  1 08:57:50.242: %OSPF-5-ADJCHG: Process 1, Nbr 10.0.1.2 on Tunnel11 from LOADING to FULL, Loading Done

Oct  1 08:57:50.242: %OSPF-5-ADJCHG: Process 1, Nbr 10.0.1.3 on Tunnel11 from LOADING to FULL, Loading Done

Oct  1 08:58:38.286: %OSPF-5-ADJCHG: Process 1, Nbr 10.0.1.2 on Tunnel11 from FULL to DOWN, Neighbor Down: Dead timer expired

Oct  1 08:58:40.014: %OSPF-5-ADJCHG: Process 1, Nbr 10.0.1.3 on Tunnel11 from FULL to DOWN, Neighbor Down: Dead timer expired

Oct  1 08:58:47.826: %OSPF-5-ADJCHG: Process 1, Nbr 10.0.1.2 on Tunnel11 from LOADING to FULL, Loading Done

primary router

crypto isakmp policy 10

encr aes

authentication pre-share

group 2

crypto isakmp key cisco address 0.0.0.0 0.0.0.0

!

!

crypto ipsec transform-set TS esp-3des esp-md5-hmac

mode transport

!

crypto ipsec profile DMVPN

set transform-set TS

!

!

!

!

!

!

interface Tunnel11

ip address 10.0.1.1 255.255.255.0

no ip redirects

ip nhrp map multicast dynamic

ip nhrp network-id 123

ip nhrp holdtime 60

ip ospf network broadcast

ip ospf priority 200

ip ospf mtu-ignore

delay 5

tunnel source GigabitEthernet0/1

tunnel mode gre multipoint

tunnel key 123

tunnel protection ipsec profile DMVPN

interface GigabitEthernet0/0

description LAN

ip address 10.100.1.1 255.255.255.252

shutdown

duplex auto

speed auto

!

interface GigabitEthernet0/1

description WAN

ip address 10.200.1.2 255.255.255.252

duplex auto

speed auto

router ospf 1

router-id 10.0.1.1

redistribute connected

network 10.0.1.0 0.0.0.255 area 0

network 10.200.1.0 0.0.0.3 area 0

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.200.1.1

backup router

crypto isakmp policy 10

encr aes

authentication pre-share

group 2

crypto isakmp key cisco address 0.0.0.0 0.0.0.0

!

!

crypto ipsec transform-set TS esp-3des esp-md5-hmac

mode transport

!

crypto ipsec profile DMVPN

set transform-set TS

!

!

!

!

!

!

interface Tunnel22

ip address 10.0.2.1 255.255.255.0

no ip redirects

ip nhrp map multicast dynamic

ip nhrp network-id 456

ip nhrp holdtime 60

ip ospf network broadcast

ip ospf priority 100

ip ospf mtu-ignore

delay 10

tunnel source GigabitEthernet0/1

tunnel mode gre multipoint

tunnel key 456

tunnel protection ipsec profile DMVPN

interface GigabitEthernet0/0

description LAN

ip address 10.100.1.5 255.255.255.252

shutdown

duplex auto

speed auto

!

interface GigabitEthernet0/1

description WAN

ip address 10.200.1.5 255.255.255.252

duplex auto

speed auto

router ospf 1

router-id 10.0.2.1

redistribute connected metric-type 1 subnets route-map static-to-ospf

network 10.0.2.0 0.0.0.255 area 0

network 10.100.1.4 0.0.0.3 area 0

network 10.200.1.4 0.0.0.3 area 0

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 10.200.1.6

spoke 1

crypto isakmp policy 10

encr aes

authentication pre-share

group 2

crypto isakmp key cisco address 0.0.0.0 0.0.0.0

!

!

crypto ipsec transform-set TS esp-3des esp-md5-hmac

mode transport

!

crypto ipsec profile DMVPN

set transform-set TS

!

!

!

!

!

!

interface Tunnel11

ip address 10.0.1.2 255.255.255.0

no ip redirects

ip nhrp map 10.0.1.1 10.200.1.2

ip nhrp map multicast 10.200.1.2

ip nhrp network-id 123

ip nhrp holdtime 60

ip nhrp nhs 10.0.1.1

ip ospf network broadcast

ip ospf mtu-ignore

delay 5

tunnel source FastEthernet4

tunnel mode gre multipoint

tunnel key 123

tunnel protection ipsec profile DMVPN shared

!

!

interface Tunnel22

ip address 10.0.2.2 255.255.255.0

no ip redirects

ip nhrp map 10.0.2.1 10.200.1.5

ip nhrp map multicast 10.200.1.5

ip nhrp network-id 456

ip nhrp holdtime 60

ip nhrp nhs 10.0.2.1

ip ospf network broadcast

ip ospf mtu-ignore

delay 10

tunnel source FastEthernet4

tunnel mode gre multipoint

tunnel key 456

tunnel protection ipsec profile DMVPN shared

interface FastEthernet4

description WAN

ip address 10.200.1.9 255.255.255.252

duplex auto

speed auto

router ospf 1

router-id 10.0.1.2

log-adjacency-changes

network 10.0.1.0 0.0.0.255 area 0

network 10.0.2.0 0.0.0.255 area 0

network 172.22.38.0 0.0.0.255 area 0

ip route 0.0.0.0 0.0.0.0 FastEthernet4

spoke 2

crypto isakmp policy 10

encr aes

authentication pre-share

group 2

crypto isakmp key cisco address 0.0.0.0 0.0.0.0

!

!

crypto ipsec transform-set TS esp-3des esp-md5-hmac

mode transport

!

crypto ipsec profile DMVPN

set transform-set TS

!

!

!

!

!

!

interface Tunnel11

ip address 10.0.1.3 255.255.255.0

no ip redirects

ip nhrp map multicast 10.200.1.2

ip nhrp map 10.0.1.1 10.200.1.2

ip nhrp network-id 123

ip nhrp holdtime 60

ip nhrp nhs 10.0.1.1

ip ospf network broadcast

ip ospf mtu-ignore

delay 5

tunnel source FastEthernet4

tunnel mode gre multipoint

tunnel key 123

tunnel protection ipsec profile DMVPN shared

!

!

interface Tunnel22

ip address 10.0.2.3 255.255.255.0

no ip redirects

ip nhrp map 10.0.2.1 10.200.1.5

ip nhrp map multicast 10.200.1.5

ip nhrp network-id 456

ip nhrp holdtime 60

ip nhrp nhs 10.0.2.1

ip ospf network broadcast

ip ospf mtu-ignore

delay 10

tunnel source FastEthernet4

tunnel mode gre multipoint

tunnel key 456

tunnel protection ipsec profile DMVPN shared

interface FastEthernet4

description WAN

ip address 10.200.1.13 255.255.255.252

duplex auto

speed auto

router ospf 1

router-id 10.0.1.3

log-adjacency-changes

network 10.0.1.0 0.0.0.255 area 0

network 10.0.2.0 0.0.0.255 area 0

network 172.23.48.0 0.0.0.255 area 0

ip route 0.0.0.0 0.0.0.0 FastEthernet4

Thanks a lot,

Eric

Average Rating: 0 (0 ratings)

Comments

huyeduon Fri, 02/28/2014 - 02:56

Hi

Can you try:

conf t

int tun 2

ip ospf network point-to-multipoint

ip ospf mtu-ignore

!

do the same for all spoke

Let see how it go

Good luck

Actions

Login or Register to take actions

This Document

Posted October 1, 2011 at 8:48 AM
Stats:
Comments:1 Avg. Rating:0
Views:1031 Contributors:1
Shares:0
Tags: No tags.

Documents Leaderboard