Hello Jimmy, Yeah it works with route-maps too :)
*ip access-list extended VPN_ACL* * permit ip host 1.1.1.1 host 2.2.2.2* * * *ip local-policy route-map VPN_ROUTE_MAP* ( To allow the route-map to match locally generated traffic ) *route-map VPN_ROUTE permit 10* * match ip address VPN_ACL* * set ip next-hop 172.16.1.*1 ( setting the next hop to the fa 0/0 interface, so that the packets get processed as packets to be encrypted ) As far as the difference between the 2 commands, i'm not sure. Must look it up :) Hope this helps! Cheers, TacACK
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
