We have a VPN cluster with two 3030 Concentrators. When you connect to the virtual address, you are pushed to one address, but when it is "negotiating security policies" the connection drops, but then when you click "Connect" again, it works! This happens for users regardless of location. Any ideas? Clustering appears to be working okay.
Also, in the documentation it says the virtual address should not be pingable, but we can in our scenario we can.
When you connect the AP to the wired LAN, the AP links to the network using a Bridge Virtual Interface (BVI) that it creates automatically. Instead of tracking separate IP addresses for the AP''s Ethernet and radio ports, the network uses the BVI. When you assign an IP address to the AP using the CLI, you must assign the address to the BVI.
Yes, one of the Concentrator's is okay if you just set your client to connect to that one. Strange since the configuration was pretty much a copy and paste from the other. The "existing" Concentrator is the one that is working properly.
Yes, the ARP table always has the MAC address of the cluster master for the cluster IP address. Thanks for the help.
After working with TAC, what the issue was one of the concentrator's address pool started on the network number, not a usable host, that was the reason for the disconnect. It was sporadic because the first time you would get the wrong address, then the second time you would get a usable host address. :-)
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :