first I initiate the connection and the tunnel come up , but I try to clear down the TUNNel using clear crypto sa and clear crypto session but it is not clear , then I remove the crypto map from the interface and the ipsec sa has cleared , but when reenable the crypto map on the interface the ipsec sa come again withpout initiating traffic , and on the other side there is no sa
From: [email protected] To: [email protected]; [email protected] Subject: RE: [OSL | CCIE_Security] CRYPTO_MAP Remove Date: Fri, 18 Nov 2011 20:02:52 +0500 Site to Site VPNs are on demand sort of . You need to issue a source ping or make traffic pass through them to make it Active ( keeping crypto ACL in mind ) . Did the VPN session came up without initiating the connection ? From: [email protected] To: [email protected] Date: Fri, 18 Nov 2011 14:20:54 +0000 Subject: [OSL | CCIE_Security] CRYPTO_MAP Remove I have simple topology R1 - R2 and configure IPSEC Site to Site tunnel the Tunnel is working fine , but If I notice trange issue , if I remove the Crypto map from R2 (the responder interface) the " show crypto ipsec sa " show that there is no IPSEC sa but when I enable the CRYPTO MAP on the interface , without any ISAKMP messages and with show crypto IPSEC SA I found the same sa there agin , how it is recovered ?? it is GNS BUG ? Regards _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
