Re: when a put out the tunnel, ospf do not work onto wan interfa

andersonandrade · ‎11-08-2006

Hello there,

i have a doubt.

actually we make in my enterprise changes of

type of security strategy and change ipsec tunnel for the rsa pub-key.

Ok..

But, when we put the tunnel in shutdown, in order eliminate, i can?t put the wan interface in OSPF.

=before=

interface tunnel99

shutdown

no bandwidth 256

no ip address x.y.z.k 255.255.255.252

no ip ospf cost 360

no tunnel source x.y.z.k

no tunnel destination x.y.z.(k+1)

no interface tunnel99

by the way:

1) the crypto map is ok and works good.

in the interface serial

interface Serial0/0.99

ip ospf cost 360 (the same the ancient tunnel)

crypto map x.y.z.k

in the process ospf

router ospf 4499

no passive-interface Serial0/0.99

Somebody knows whats wrong???

in one case a put the tunnel in passive-interface after exclude, the router accept this command, and they works good. But i?m not really sure about this solution.

Thanks a lot...

Anderson (Brazil)

cdusio · ‎11-08-2006

what is the condition you are trying to fix? This is confusing. You had a tunnel, you are moving the tunnel to a new interface?

andersonandrade · ‎11-13-2006

The cryptography is ok, but, the OSPF do not redistribute the internal routes.

No, in this case i disable the tunnel, and use de IP address for a new conection in other sub-interface. I the new conection i use rsa cryptography.

jackyoung · ‎11-08-2006

Please provide more detail config. of the routing protocol and the ip address in interface. Your example of the tunnel ip is the same as the tunnel source that confused the case.

when a put out the tunnel, ospf do not work onto wan interface.