06-22-2006 01:07 AM
I would like to advertise routes in OSPF only for LAN-LAN tunnels that are established.
If i enable reverse route injection however it seems to advertise the network regardless of whether the tunnel is up or down.
Is there any option to only advertise routes if a LAN-LAN tunnel is established
any ideas?
06-22-2006 03:08 AM
If iam right , that would happen only with dynamic IPsec tunnels and not static IPSec.
06-29-2006 09:46 PM
I respectfully disagree. Please check out
Reverse Route Injection
http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/4_7/config/iprout.htm#wp1114390
Reverse Route Injection
The VPN Concentrator can automatically add static routes to the routing table and announce these routes to its private network or border routers using OSPF or RIP. This feature is called reverse route injection (RRI). The RRI options that you can configure vary with the type of connection:
?Remote software clients or VPN 3002 Hardware Clients using Client (PAT) mode:
?For individual remote clients, enable the Client Reverse Route Injection option.
?For a group of remote clients, enter an address pool in the Address Pool Hold Down Routes field.
?Remote VPN 3002 Hardware Clients using Network Extension Mode (NEM): enable the Network Extension Reverse Route Injection option.
?LAN-to-LAN connections: see the Routing option on the Tunneling and Security | IPSec | LAN-to-LAN | Add or Modify screen.
HTH
06-29-2006 10:18 PM
I should have mentioned that this is for LAN-LAN Tunnels.
When i enable Reverse Route Injection under:
Tunneling and Security | IPSec | LAN-to-LAN | Add or Modify screen....
It automatically adds a static route REGARDLESS of whether the tunnel is up or not. This static route is then propagated via OSPF
It actually adds the Local and Remote Network List definitions for that particular Tunnel.
The only option i see is EZVPN wiht Network Extension Mode, however this means that the tunnel can only be established one way so im hesitant on doing this.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: