We are running OSPF on the private interface of our VPN Concentrator (3.6.1), to facilitate Reverse Route Injection for VPN hardware and software clients. On two occasions I have seen the VPN concentrator inject the the Public subnet into OSPF, which has caused some issues. Clicking the "Clear Routes" button on the Monitoring -> Routing page of the VPN Concentrator removes the "public" route from OSPF. I can't establish a set of action which causes the route to be generated. Has anyone else observed this?
Yes, I see this also when running RIP on Private interface. The public subnet is advertised to the internal router behind the Concentrator. This is annoying since this public route can`t be filtered from the Concentrator itself. Hope that Cisco would address this issue. I would like to hear, If anyone know how to prevent public subnet not to be advertised from private interface. BTW, this is on Concentrator v3.5.x , not tested with version 3.6.x
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...