HI, On Thu, Sep 12, 2013 at 09:49:01PM +0000, Blake Pfankuch - Mailing List wrote: > Working with a vendor who is saying that when we "upgrade" from 12.2.25 to > 15.1.4 on a couple of 2800 series routers holding about 15 IPSec vpn's and > tunnel interfaces with EIGRP across them we are going to have to rewrite all > of the config due to completely new command syntax on 15.1.4 compared to > 12.2.25. > > Has anyone run into this before? I am seeing little differences, but not > crazy amounts...
Without being able to specifically answer your question, I think there's
two aspects to it
- *usually* IOS does a tremendous job in understanding old configs, and
rewriting to new format when upgrading on "main line" trains (when
going from stuff like 12.0S to 12.2SB to 12.4, that might not always
work)
- that "vendor" might have learned that newer IOS have an *additional*
way to configure IPSEC - the old way is "crypto map on the outside
interface", while the new way is "a tunnel interface with encapsulation
IPSEC". If you want to use the new way, you'll have to rewrite your
config, but *as far as I understand* "crypto map style" is still
supported.
So... I would just try it on one box, and if it comes up and all the
IPSEC config is borked, go back to 12.2, and go to the lab to see
what needs changing :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpsgPUD66PcY.pgp
Description: PGP signature
_______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
