Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Silver

Dynamic VPN on Loopback

Hi,

I have a dynamic crypto map, which is applied to a Fastethernet interface - in this case everything is OK: I can connect and reach the cororate LAN. But when I apply this dynamic crypto map to a loopback interface using /32 IP vpn client connects and I got IP address, but I can't access any resources. Is there any limitation of Loopback interface? What can be the reason? Cisco 2811 is the vpn router....

Thanks in advance,

Bye

FCS

5 REPLIES
Silver

Re: Dynamic VPN on Loopback

AFAIK crypto maps are applied on physical/logical interfaces through which the traffic flows. Forcing the crypto source only changes the source IP with which the negotiation still happens. Hence what you see is normal behaviour. Apply crypto maps on outgoing interfaces is the right way.

Silver

Re: Dynamic VPN on Loopback

And is there any solution for use Loopback interface for this purpose instead of physical?

Thanks in advance,

FCS

Silver

Re: Dynamic VPN on Loopback

I dont think so.... but why exactly you need the crypto map on the Loopback. You can apply it on the outgoing interfaces.

Silver

Re: Dynamic VPN on Loopback

So on this router two P-P VPN are terminated and also dynamic VPNs (users from home). Two crypto maps are used on this and I don't want waste IP addresses for dynamic VPN termination, I plan to use /32 IP on Loopback and this would be the connection point for home users..

Can you explain your suggestion with config lines?

Thanks in advance.

bye

FCS

Silver

Re: Dynamic VPN on Loopback

Well both P-P and dynamic users can use the same loopback as the peer for the crypto termination. It isnt necessary that they use a different source.

Iam sorry but iam confused wrt what u trying to acheive.

191
Views
0
Helpful
5
Replies
CreatePlease to create content