Hi all IPSec shared profiles enables more than two GRE tunnels that has the same tunnel source, destination and tunnel key to use the same IPSec SADB.
Here the spokes uses IPSec shared profile. The spokes peer with two hubs. With IPsec profile the SADB are the same. The spoke's T0 and T1 that tunnels to Hub1 and hub2 uses the same SA. I am wondering how can that happen? The spokes are negotiating DH with two different hubs. How come they come up with the same shared secret. Hub 1 and Hub 2 doesn't communicate each other. Can someone provide the insight. http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/share_ipsec_w_tun_protect_ps6441_TSD_Products_Configuration_Guide_Chapter.html With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
