Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1250
Views
0
Helpful
0
Replies

ASA 5500-x series and dynamic RRI on IPSEC IKEv1 ?

aarboleya
Level 1
Level 1

‎02-06-2020 08:47 AM

Dear all,

 

Dynamic reverse route injection (RRI)  is available for IKEv2 policy-based IPSEC VPNs (static crypto maps).  However with IKEv1 it is only possible to configure static RRI.

 

Does anyone know what we could do on IKEv1 (with static crypto maps) to inject dynamically reverse routes and avoid having persistent routes always installed on the routing table despite the VPN tunnel is active or not. The objective of that is to be able to redistrubte the vpn encryption domain (local subnets) of the remote sites to a secondary datacentre but only when the remote IPSEC peer is UP.

 

Any idea about this or a similar solution would be very well received.

Thank you very much.

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card