How can I get IPSEC to work dynamically on a hub and spoke network
I have 112 Cisco 2610 router and two Cisco 7206 router.
All the Cisco 2610 connect to the two 7206 routers through a frame relay.
All the Cisco 2610 are also required to communicate to each other via the Cisco 7206
I am required to encrypt every data traffic going through the frame relay.
And I cannot get the configuration below to work dynamically.
But when I remove all crypto dynamic-map .. and also replace this crypto isakmp key 30364050 address 0.0.0.0 with crypto isakmp key 30364050 address 18.104.22.168 or a specific interface address of the remote peer it will work. See below the error that I get
Please help me. I want dynamic-map design to work because of the need for HUB to SPOKE and SPOKE-to-SPOKE communication. It will too much work to encrypt all the router manually.
Re: How can I get IPSEC to work dynamically on a hub and spoke n
I have tried you sample configuration exactly as you wrote it.
and also used different access-list and none worked.
I also tried the Configuring IPSec Tunnel End-Point Discovery sample and it did not work
I noticed that the ios for the Configuring IPSec Tunnel End-Point Discovery sample is 12.07 and the ios in my routers are 12.09. Could that be the problem. I can not figure out any other problem. Because I tried adding discover on my "crypto map test 10 ipsec-isakmp dynamic spoke " as the configuration showed but was not able.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...