You are right Tyson, The example I was following did not have this configuration portion at all. Now the route is entered as expected, except on the server. I can ping from the client to the server (encap/decap go up) but I cannot ping from the sever to the client... interesting.
I am going to follow the doc Mohamed referenced. Thanks, Kyle ________________________________ From: Mohamed Gazzaz [[email protected]] Sent: Tuesday, November 30, 2010 5:33 PM To: [email protected]; Kyle Ross; [email protected] Subject: RE: [OSL | CCIE_Security] DVTI Kyle, Please see this guide http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_ipsec_virt_tunnl_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1098013 - Test your configuration first with the Cisco Systems VPN client on the Windows XP. It seems like a routing issue to me (Try redistribution ) ________________________________ From: [email protected] To: [email protected]; [email protected] Date: Tue, 30 Nov 2010 16:58:11 -0500 Subject: Re: [OSL | CCIE_Security] DVTI Did you create the DVTI on the client as well and associate it to the EZVPN configuration? Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected]<mailto:[email protected]> Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat<http://www.ipexpert.com/chat> eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities<http://www.ipexpert.com/communities> and our public website at www.ipexpert.com<http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Kyle Ross Sent: Tuesday, November 30, 2010 4:26 PM To: [email protected] Subject: [OSL | CCIE_Security] DVTI Hello Everyone, Does anyone have a good guide or blog on DVTI configuration? I tried to follow Cisco's doc: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/prod_white_paper0900aecd803645b5.html but the EzVPN clients never seem to get a route set to the Loopback 10000 interface for return traffic to the EzVPN server and EIGRP does not seem to work at all. IKE does not seem to be inserting the routes for me on the client. Any insight is greatly appreciated. Kyle _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
