Hi Eugene, You need to enable multicast on both devices "ip multicast-routing" and then on the tunnel you will need "ip pim sparse-mode"
Cheers, Warrick On Tue, Aug 7, 2012 at 10:05 AM, Eugene Pefti <[email protected]> wrote: > Guys, > > I’m trying to recreate the scenario I ran into Lab 17 my own way and > stumbled upon multicast rekeying. > > > > This is the rudimentary diagram: > > > > R1 (192.168.3.1 - KS) -----------ASA context ---------R2 > (192.168.5.2 - GM) > > (loopback 1.1.1.1) > (loopback 2.2.2.2) > > > > R1 sends key via multicasts: > > > > ip access-list extended REKEY-ACL > > permit udp host 1.1.1.1 eq 848 host 239.1.1.254 eq 848 > > > > I created GRE tunnel between R1 and R2 to overcome multicontext ASA > limitation. > > > > R1: > > interface Tunnel126 > > ip address 10.10.10.1 255.255.255.0 > > tunnel source FastEthernet0/0 > > tunnel destination 192.168.5.2 > > > > R2: > > interface Tunnel126 > > ip address 10.10.10.2 255.255.255.0 > > tunnel source FastEthernet0/0 > > tunnel destination 192.168.3.1 > > > > Tunnel is up but how can I tell R1 to use this tunnel to send multicast > rekeys ? > > > > Eugene > > > > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
