it didn't seem to jump out at us, but:
- assign an address to your loopback interface on each router
- if your using pre-shared keys, define the loopback peer address in that
'crypto isakmp key' statement
- assign the loopback peer address in your crypto map configuration using 'set
peer'
- then change the tunnel end-point with the
'crypto map some-map local-address whatever-the-address-is'
- enabling IPsec on the loopback with the interface definition didn't seem to
work (which seemed the logical thing to do). we continued to use our outside
interfaces.
have fun...
-----Original Message-----
From: Michael [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, May 08, 2001 9:25 AM
To: [EMAIL PROTECTED]
Subject: IPsec Using Loopback
Does anyone tried IPSEC on cisco routers using loopback addresses? We need
this implementation because we have redundant paths and we need IPSEC to
be always up even if one of the link fails.
Thanks
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
