Solved: GMs in GDOI GET VPN

mgupta · ‎07-14-2012

I want to know that whether a group member (GM) can be a member of multiple groups, if yes a configuration or link may pl be provided showing the configuration where a GM is configured as a member of multiple groups/policies.

Thanks

M.K.Gupta

Marcin Latosiewicz · ‎07-15-2012

 A key server can support multiple groups. A group member can be part of multiple groups.

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/15-2mt/sec-get-vpn.html

Configuration is fairly simple, you typically apply different crypto maps to different interfaces.

View solution in original post

Marcin Latosiewicz · ‎07-15-2012

 A key server can support multiple groups. A group member can be part of multiple groups.

http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/15-2mt/sec-get-vpn.html

Configuration is fairly simple, you typically apply different crypto maps to different interfaces.

mgupta · ‎07-15-2012

Thanks for your pointed response.

M.K.Gupta

mgupta · ‎07-20-2012

I am stuckup as my router as GM to many groups (25) is connected to MPLS cloud using one interface only. MPLS service provider has allocated a /30 IP to WAN interface. How and where to apply different crypto maps so that it can become the member of all 25 different groups. I could not find any such case study or TAC document. I tried loopback interfaces but traffic is than not encrypted and passes directly.

Thanks

M.K.Gupta