-(access-list premit gre host 192.168.1.1 host 192.168.1.2)
-without transferring any traffic from point lanA to point lanB, sh crypto ipsec sa will show packets encrypted which i could say they are the RIP updates.
-pinging from lanA to lanB doesnt make any difference in the packets encrypted and decrypted in the SHOW CRYPTO IPSEC SA. Encrypted traffic is increased but they are from the RIP updates (not from my continous ping)
In order to encrypt traffic from LanA to LanB, traffic has to flow across the GRE Tunnel first and then GRE will be encrypted by IPSEC.
So, if you do a show ip route xxx for LanB on the LanA router, does it point to the tunnel. If this is deployment is in production and if you do not want to play with the dynamic routing table to to test, can you add a simple static route just for one host to point to the GRE Tunnel and test it.
rip route remains and i could reach the other end..theres no problem with the connectivity now and i could see the isakmp sa and ipsec sa doing thjere job.
The problem we have to make sure that traffic between lanA and lanB are secured. I couldnt see that in SH CRYPTO IPSEC SA. I could see only a few which i guess are the rip realated thing coz it does increase only after say 40 sec.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...