I am very confused with the following Crypto Map question: In the MCNS book (by Cisco Press), it said that if a static crypto map entry sees outbound IP traffic that should be protected and the crypto map specifies the use of IKE, then a Security Assoication is negotiated with the remote peer according to the paramenters included in the crypto map entry ( => I understand this, as that's what IKE is for)
However, the book also said that if a dynamic crypto map entry sees outbound traffic that should be protected and NO Security Association exists, then the packet will be dropped - why? I thought the pre-requsitite for dynamic crypto map is to use IKE. And if IKE is used, wouldn't it be able to negotiate a Security Association like the first scenario? Any help will be greatly appreciated. Best Regards, Hunt Lee IP Solution Analyst Cable & Wireless Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27909&t=27909 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
