Hi I have configured PBR to block ICMP with packet size 500 from Frame cloud to R4 inside interface. However on R4 is also configured as ezvpn client. I have the following configuration on R4 inside and outside interfaces
interface FastEthernet0/0 ip address 192.1.40.4 255.255.255.0 duplex auto speed auto crypto ipsec client ezvpn ABC inside ! interface Serial0/0/0 crypto ipsec client ezvpn ABC service-policy type access-control input PM-AC2 ip policy route-map mymap After I configured PBR on R4 I tried to ping R4 inside ip (192.1.40.4) I could and got the following error: Oct 2 21:44:10.451: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet. (ip) vrf/dest_addr= /192.1.40.4, src_addr= 192.1.24.2, prot= 1 However when I removed the crypto map on s0/0/0, I can ping to R4 (192.1.40.4). Can some one advise me what is the issue here??. thanks
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
