VPN3002`s protected networks are 10.1.1.0/24 AND 10.1.2.0/24
1. Got a ping reply from 10.10.10.0/24 to 10.1.1.0/24 , means the two networks are encrypted
2. Reply time out when ping from 10.10.10.0/24 to 10.1.2.0/24 .
1. Does VPN3002 (hardware client) be able to protect two networks as the scenario above? It does protect its own network (which is 10.1.1.0/24) but seems like it couldn`t encrypt a packet that is not from its own network range.
Regarding the multiple networks behind a VPN 3002, we are able to advertise those networks to the Concentrator through "Network Extension Reverse Route Injection" . The Concentrator sees those networks. I am thinking that there would be a way so that the Concentrator be able to encrypt packets to those networks behind the VPN3002.
If RRI (Reverse Route Injection) is not for advertising multiple protected networks behind a VPN3002, I am still confuse on what is the purpose of "Network Extension Reverse Route Injection" setting.
is there really no other solution for this problem. I'm facing a simmilar situation but have to establish a VPN connection using X.509 certificates to authenticate and dynamic IPs at the remote location connection back to an 3030 concentrator at the central side. In my unerstanding the 3002 hardware client is the only device which can provide the neccesary functionality for my situation. EzVPN on 1700 routers is lacking X.509 support currently.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :