Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

GETVPN....

Hi,

Getting strucked in configuring in GETVPN, all GM's are connected and working fine with KS and share routes for Data Center, how can i connect with DR of all my GM's as they have only one WAN interface which is connected with WAN.

Kindly advice. Thanks in advance

Ragards

2 REPLIES

Re: GETVPN....

Create second GETVPN. On the key servers in the DR site define a second group. On the GM you'll have a second group configured there. Make sure the policies on each KS don't interfere with the others.

Here's a great doc on GETVPN including using multiple groups.

http://tools.cisco.com/search/display?url=http%3A%2F%2Fwww.cisco.com%2Fen%2FUS%2Fprod%2Fcollateral%2Fvpndevc%2Fps6525%2Fps9370%2Fps7180%2FGETVPN_DIG_version_1_0_External.pdf&pos=5&strqueryid=1&websessionid=q5jCd5qhE75u98N8r0O00fG

Hope it helps.

New Member

Re: GETVPN....

Hi Collin,

First Thanks for your reply, i did the same thing which you mentioned in your reply and now its working. But still there is an other issue of maintaining crypto sessions in GM. One cryto session becomes IDLE and DOWN autometically within few minutes althrough there is intersting traffic from DR & DC,after that i have to remove crypto map from GM interface and apply it back than its working fine. Again after few minutes its happening back again.

Kindly find the attached files of KS (DC and DR) and GM. In GM you can find the down and up crypto session. Kindly advice do i need any futher configuration.

Thanks in advance.

Regards

280
Views
0
Helpful
2
Replies