Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

new to cloned virtual access interfaces

hi out there

We are migrating our vpn deployment from god old cryptomaps to virtual access cloned interfaces - we are still in "learning" phase where we deploy ezvpn-clients which connects to a central server. we have currently two VRF's defined with a internet vrf where the clients connects to and a service vrf where the clients are forwarede to the needed services. When the routers are connected the routingtable in that service-vrf look like this:


Gateway of last resort is not set

     10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
S       10.120.3.1/32 [1/0] via 0.0.0.0, Virtual-Access4
S       10.120.3.0/24 [1/0] via 0.0.0.0, Virtual-Access4
S       10.120.1.1/32 [1/0] via 0.0.0.0, Virtual-Access3
S       10.120.1.0/24 [1/0] via 0.0.0.0, Virtual-Access3
S       10.120.4.0/24 [1/0] via 0.0.0.0, Virtual-Access2
S       10.120.4.1/32 [1/0] via 0.0.0.0, Virtual-Access2

                  

Is this as expected ? It bothers me a bit that the next hop is noted as 0.0.0.0 Each ezvpn client has a loopback interface which is the inside of the client (which is assigned a 10.120.x.1/32 adresse) and nat-pool (10.120.x.0/24)  through which the internal clients access the published service through the VPNServer.

Everyone's tags (2)
1 REPLY
New Member

new to cloned virtual access interfaces

hi again

Really no-one out there seen a similar scenario? I just need verification that it looks as expected since I havent got anything to compare it with..

best regards /ti

359
Views
0
Helpful
1
Replies
CreatePlease login to create content