Hi Everyone - I have 2 questions: 1. When using Virtual templates with EZVPN what is the difference between using the "ip unnumbered fa0/0" command or the "tunnel source fa0/0" command? When I use either command the ezvpn completes, but I don't get any traffic flow using the "tunnel source" command
2. I don't understand ICMP with ZBF. I inspect it, but the class-default drops it as though it has not matched my inspect policy?? When I configure the default class to pass then ICMP works. Has anyone else seen this? I don't get it.... Apr 1 11:40:27.191: %FW-6-LOG_SUMMARY: 4 packets were dropped from 4.8.22.2:8 => 10.2.2.14:0 (target:class)-(IN->EZVPN:class-default
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
