Site to Site VPNs are on demand sort of . You need to issue a source ping or make traffic pass through them to make it Active ( keeping crypto ACL in mind ) . Did the VPN session came up without initiating the connection ?
From: [email protected] To: [email protected] Date: Fri, 18 Nov 2011 14:20:54 +0000 Subject: [OSL | CCIE_Security] CRYPTO_MAP Remove I have simple topology R1 - R2 and configure IPSEC Site to Site tunnel the Tunnel is working fine , but If I notice trange issue , if I remove the Crypto map from R2 (the responder interface) the " show crypto ipsec sa " show that there is no IPSEC sa but when I enable the CRYPTO MAP on the interface , without any ISAKMP messages and with show crypto IPSEC SA I found the same sa there agin , how it is recovered ?? it is GNS BUG ? Regards _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
