I have a 4948 w/L-3 software. Am using VRFs to segment the traffic for two different entities. Am having problems getting the router management stuff (TACACS+, NTP, logging, SNMP, etc.) working.
All of these things are configured to originate from Loopback 0 (ip tacacs source-interface Loopback0, for example). I have also assigned Loopback 0 to one of the VRFs. Yet I can't get these things to work.
Do I have to select one VRF as the "master" VRF or something like that?
Here's the relevant config snippets from this box (names changed to protect the innocent). Note that the management servers are across the MetroE connections, not on the local LAN:
To use overlapping addresses between group member VRFs, PE should also use a unique MPLS VPN (PE VRFs) for each of the group member VRFs. In addition, a separate key server must be dedicated for each VRF, mainly because the key server is not VRF-aware. For this, group members should also use a separate certificate for authentication for each crypto map. The group member configuration is almost the same as in case 1 except that the additional certificate trustpoints and different key server addresses should be required
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.