I have a multiisite hub and spoke VPN network. Is there any way to configure the end points to initiate the tunneling for the multiple subnets they are carrying, without traffic being geneterated to each subnet. IE. site a is 22.214.171.124 site b is 126.96.36.199, and so on, hq is 10.10.10.10. Each site routes to each other site through the main vpn tunnel to hq, but, they cannot talk to each other, unless each site tries talking to the others as well, IE if A pings 188.8.131.52 it will not respond until B pings 184.108.40.206, and then they talk fine. Any help or ideas?
Based on the description you provide us it looks like a particular site has a Dynamic IP address so the other host does not know who the peer is, so until the peer inittiates the VPN it will then know who it is,
The vpns are site to site, each of the spokes connect directly to the hub. Each spoke is a dynamic ip with the hub being static. each spoke only has one vpn peer and that is the hub, and the "main" subnet at the hub is tunneled immediately when the settings are applied in the VPN, but the hub has itself 3 subnets. I have to initiate traffic from the spoke to the other subnets to get them to tunnel. which is in line with having to initiate traffic from spoke to spoke across hub, except in that case, not until the other spoke initiates traffic back, does the routing and traffic flow.
I can provide diagrams and configs if needed, to assist.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :