Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

ezvpn setup quetions


i have setup ezvpn server on the uc 520 and ezvpn client on cisco 871. i have doubt in dealing with my vlan. by default, there are multiple vlans, such as vlan 1 = data, vlan 100 = voice, and loopback0 = service engine. i changed my service engine pointing to vlan1 rather than loopback0, because i am afraid that is going to cause an issue with my vlan traffic.

do you think it's good thing to leave service engine ip as a default setup?

is there going to be a problem if i change the service engine ip? and what is the advantage or disadvantage?

if the service engine is set to default, should i include on the vpn traffic? and how?

thank you for your help guys

Cisco Employee

Re: ezvpn setup quetions

If you are using CCA to manage the installation, then changing the IP address for the service engine will cause problems, as CCA does not support this.  If you are managing the installation entirely using CLI, then this will work fine.

Having said that, I don't really see a need to change the address.  When you configure EzVPN, all traffic from the remote site will route through the UC500 site unless you specifically configure split tunnelling.  If you do configure split tunnelling, then you list the subnets that are reachable through the VPN connection, and the service engine subnet can be included on that list.  Either way, there should be no need to change the service engine address.



New Member

Re: ezvpn setup quetions

Agreed. The UC500 has enough isuses, changing the service engine IP is only going to cuae your more headache.

Setup Split Tunneling using Access lists as was previously mentioned.

CreatePlease to create content