VPN to 3745 from mobile site via two different networks
Hi, wondering if anyone has any ideas on a problem I have.
I have 2 networks, one private and one internet, connecting to 2 interfaces on a 3745 router. I have mobile client routers (netscreens) that are moving from one network to the other.
The problem I have is the tunnel comes up when the client is on internet but when connected via the client network it needs a static route on the PoP pointing to the client network.
Without the static route the SA shows as QM_IDLE but it does not pass traffic. I also have an issue where when the router moves from internet to the private network the SA stays on the 3745 and causes SPI problems until it clears. Reducing idle-time seems to do nothing to help this.
Re: VPN to 3745 from mobile site via two different networks
So to clarify the problem, we have VPN termination on 2 different interfaces on a 3745, "internet" and "private". When connecting to "internet" all works fine. When connecting to "private", connection is up but no traffic passes unless a static route is added.
Could you elaborate more on what is the exact command you add? It will be much easier to understand if you could post a sanitized config and a topology as well.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...