Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2119
Views
5
Helpful
1
Replies

crypto map vpn_map1 2 set reverse-route command needed?

Go to solution
CiscoBrownBelt
Level 6
Level 6

‎08-09-2019 05:52 AM - edited ‎02-21-2020 09:23 AM

So on a 4100 Firepower, I see the command "crypto map vpn_map1 2 set reverse-route". I am not all sure it is needed. 
The IPSEC profile is for has all static IPs on both ends (for sources, destinations, etc.).
No IGP protocols are running the the FW.
Anyone know what else I should check in regards to why this command may be needed?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎08-09-2019 07:01 AM

Hi,
If you aren't using a routing protocol to redistribute those VPN routes then it probably isn't necessary - it's just creating static routes for each VPN network, but doing nothing with them. If you had a redundant configuration and using routing to failover it would be useful.

HTH

View solution in original post

1 Reply 1

Go to solution
Rob Ingram
VIP
VIP

‎08-09-2019 07:01 AM

Hi,
If you aren't using a routing protocol to redistribute those VPN routes then it probably isn't necessary - it's just creating static routes for each VPN network, but doing nothing with them. If you had a redundant configuration and using routing to failover it would be useful.

HTH
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card