cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
334
Views
0
Helpful
2
Replies

best implementation for crypto tunnels?

mpferderer
Level 1
Level 1

Hi.

I have a Cisco 2621 running IPPlus IPSec56 with a 1710 and 1720 connecting to it with crypto Ipsec tunnels. I have recently had some problems and have found in troubleshooting there are different ways to configure this setup and would like to know the recommended way.

Where 2 peers will be referenced in my crypto maps on the 2621, is it best to have the map listed twice(with separte priorities-same map name) for each peer and a seperate ACL for each map priority? or better to have each peer listed in the same map priority and have a single ACL that includes both peers' networks?

Also, would there be any problems(such as routing loops) in listing the 'other' 2 peers on each of my 3 routers?

Thanks,

Mike

2 Replies 2

ciscomoderator
Community Manager
Community Manager

Often times complex configuration issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

Really? Is this generic respone automatically posted after a certain amount of time?

I didn't think my post was that complex. I listed 2 ways of doing what i was doing and asked for the recommended way. Encrypted data tunnels in both hub and spoke and mesh configurations ahve to be fairly common as there exists many articles on this from router to router. I just haven't seen articles on the mesh configuration with lower series hardware like i'm using (2621, 1720, 1721).

Please help.

Thank you,

Mike

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco