I have a dynamic crypto map, which is applied to a Fastethernet interface - in this case everything is OK: I can connect and reach the cororate LAN. But when I apply this dynamic crypto map to a loopback interface using /32 IP vpn client connects and I got IP address, but I can't access any resources. Is there any limitation of Loopback interface? What can be the reason? Cisco 2811 is the vpn router....
AFAIK crypto maps are applied on physical/logical interfaces through which the traffic flows. Forcing the crypto source only changes the source IP with which the negotiation still happens. Hence what you see is normal behaviour. Apply crypto maps on outgoing interfaces is the right way.
So on this router two P-P VPN are terminated and also dynamic VPNs (users from home). Two crypto maps are used on this and I don't want waste IP addresses for dynamic VPN termination, I plan to use /32 IP on Loopback and this would be the connection point for home users..
Can you explain your suggestion with config lines?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...