Michael, Looks like Kingsley has answered your two questions. I will mention though that tunnel-source is used for sourcing packets from an interface whereas ip unnumbered is used to actually allocate an IP address to the interface. Even on a GRE tunnel when you use tunnel-source you still give the interface an IP address right?
Regards, Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Mailto: [email protected] Telephone: +1.810.326.1444 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com On Apr 1, 2010, at 4:31 AM, Michael Davis wrote: > Hi Everyone – I have 2 questions: > 1. When using Virtual templates with EZVPN what is the difference > between using the “ip unnumbered fa0/0” command or the “tunnel source fa0/0” > command? When I use either command the ezvpn completes, but I don’t get any > traffic flow using the “tunnel source” command > 2. I don’t understand ICMP with ZBF. I inspect it, but the > class-default drops it as though it has not matched my inspect policy?? When > I configure the default class to pass then ICMP works. Has anyone else seen > this? I don’t get it…. > Apr 1 11:40:27.191: %FW-6-LOG_SUMMARY: 4 packets were dropped from > 4.8.22.2:8 => 10.2.2.14:0 (target:class)-(IN->EZVPN:class-default > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
