Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

GETVPN : How to update the security policy from KS to GM instantaneously

Hi,

I am just wondering how to push the security policy update in KS, eg. change of access-list, to GM immediately ?

If I am right, the update will wait until the rekey life time expired. I know I can exclude on each GM but if I have 500 GMs, it would be very difficult.

any workaround ?

thanks

-santo-

1 REPLY
Cisco Employee

GETVPN : How to update the security policy from KS to GM instant

Santo,

It depends on what GDOI protocol your KS and GMs support.

It's only recently that we made a change so that new policies are not sent after change.

New versions let you control when update will be pushed (via command).

M.

206
Views
0
Helpful
1
Replies
CreatePlease to create content