Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
311
Views
0
Helpful
1
Replies

Router in HSRP group doesn't create reverse route for VPN tunnel

blakem
Level 1
Level 1

‎09-01-2006 05:48 AM

Hi,

I've configured 2 871's with HSRP on both interfaces (internal and external). There is a crypto map on the external interface which accepts VPN connections from a Cisco VPN client.

Because I'm using the VPN client (and hence will need to use dynamic addresses), I need reverse routes so that my internal hosts can send traffic back to the clients.

Unfortunately with my config, no routes are being created - does anyone know of a workaround, or and IOS version where reverse routes + HSRP is supported?

I've read something about vrf's but don't really understand how they work, and whether they are applicable to my situation...

Any help would be greatly appreciated.

Cheers,

Mike

p.s. The second router config is the same except for ip addresses and standby priorities.

Labels:
Preview file
3 KB
0 Helpful
1 Reply 1

mustafa_nbk
Level 1
Level 1

‎09-05-2006 01:37 AM

Hi,

From "crypto dynamic-map DYNMAP_1" Configuration, remove"match address CiscoVPNClientGroup_ACL" and check during the client connected to EASY VPN Server. You should find the static host route on your active router's routing table.

Thanks,

Mustafa

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents