I'd need to see what's on the other end of the tunnel. I can see that the KS is running multicast but what about the GM? Is the GM failing the RPF check back the to KS?
Regards, Brandon Carroll - CCIE #23837 Senior Technical Instructor - IPexpert Mailto: [email protected] Telephone: +1.810.326.1444 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com Platinum Solutions Group (PSG) provides high-end consulting services with a primary emphasis on Cisco's Data Center Solutions, Service Provider Solutions, Unified Communications and Security-enabled infrastructures. Be sure to visit www.platinumsolutionsgroup.com. On May 12, 2010, at 12:09 PM, Sumit Mahla wrote: > Any Suggestions? > > > > From: [email protected] > To: [email protected] > Date: Wed, 12 May 2010 13:56:21 +0530 > Subject: [OSL | CCIE_Security] GETVPN multicast server on Inside of > Multicontext ASA > > Hello All, > > > I configured GETVPN key server on the inside of ASA, and GM on outside... > > GM are able to register.... (port 500 and 848 for udp are opened on the ASA) > > but for multicast rekey's i configured a multicast tunnel with the follwoing > config.... > > > > ON KEY SERVER (config apart from getvpn) > > ip multicast-routing > > int tun15 > ip unnumb f0/0 > ip pim dense-mode > tunnel sou f0/0 > tunn destination 123.123.41.1 > > int f0/0 > ip pim dense-mode > > > ip mroute 123.123.41.1 255.255.255.255 tun15 > > > > > same kind of gre config on one of the GM... > > > > I opened gre any any on ASA... the same config was working few days back.. > but today its not... > > > Could you please suggest ? > > > > Invest your money wisely post Budget Sign up now. > All the post budget analysis and implications Sign up now. > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
