I recently upgraded one of my VPN routers to IOS12.4(20) and RRI no longer worked
previously on IOS12.4(4)
relevent old config :
crypto map IPSec-VPN1 122 ipsec-isakmp
set peer 165.228.173.218
set ip access-group 132 in
set transform-set AES256 CHELTENHAM
match address REFRIGERATE
reverse-route tag 5
!
route-map RRI permit 10
match tag 5
!
router eigrp 100
redistribute static metric 1000 100 255 1 1500 route-map RRI
when upgraded to 124(20) noticed the "reverse-route tag 5" dropped from config
so after investigation changed the crypto map to
crypto map IPSec-VPN1 122 ipsec-isakmp
set peer 165.228.173.218
set ip access-group 132 in
set transform-set AES256 CHELTENHAM
set reverse-route tag 5
match address REFRIGERATE
reverse-route remote-peer 165.228.173.218
this seemed to be ok as a route was established ,and could see it through my eigrp network
But no traffic was passed from my vpn router (encrypted traffic 0)
could not ping remote site.
reverted back to static routing, removed the reverse-route statements and passed traffic ok
is anything else required to be configured when running RRI on 12.4(20)