Sorry.... My mind is indeed blurred. Why the heck am I using "set reverse-route". It's just "reverse-route" Fixed ;)
On the side note, I tried to add a banner to be shown to the user in the form xauth-banner="Hello User" but it was not accepted. I'm doing TACACS authorization as opposed to the RADIUS and my set attributes that I'm pushing from ACS are as follows: user-vpn-group=EZVPN-GR tunnel-password=cisco123 addr-pool=EZVPN-POOL inacl=101 From: Eugene Pefti Sent: Thursday, August 30, 2012 5:33 PM To: 'Fawad Khan'; Brian Hooker Cc: [email protected] Subject: RE: [OSL | CCIE_Security] mic check Whew... I thought everyone has gone for CCIE Security version 4 bootcamp ;) Folks, Please remind me, my mind is completely blurred. If I'm doing EzVPN termination the standard way, i.e. without the virtual tunnel interface but with the dynamic crypto map, how would I configure reverse-route injection? I have two options: set reverse-route tag set reverse-route distance My EzVPN client is just one hop away from the EzVPN server. I had it connected, the IP address was issued but the server doesn't have a route to the client Eugene From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Fawad Khan Sent: Thursday, August 30, 2012 6:38 AM To: Brian Hooker Cc: [email protected]<mailto:[email protected]> Subject: Re: [OSL | CCIE_Security] mic check Loud and clear, over. On Thursday, August 30, 2012, Brian Hooker wrote: Tap, tap, tap. Is this thing on? CONFIDENTIALITY NOTICE: This electronic mail message is intended exclusively for recipient to which it is addressed. The contents of this message and any attachments may contain confidential and privileged information. Any unauthorized review, use, print, storage, copy, disclosure or distribution is strictly prohibited. If you have received this message in error, please advise the sender immediately by replying to the message's sender and delete all copies of this message and its attachments without disclosing the contents to anyone, or using the contents for any purpose. _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com<http://www.ipexpert.com> Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com<http://www.PlatinumPlacement.com> -- FNK, CCIE Security#35578
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
