07-25-2024 05:57 AM
It's probably a stupid question...
In FMC, when creating a route-based S2S VPN (thus using static VTI), why is full mesh grayed out? Could it be done if all the devices participating in the full-mesh VPN were managed by FMC?
Thanks.
07-25-2024 06:27 AM
@cpaquet Full Mesh is for crypto map based VPN, not VTI (P2P) or DVTI (hub and spoke). According to a Cisco presenter at Cisco Live earlier this year, DVTI will not be developed for Full Mesh either; you'd have to route through the hub to another spoke or use another solution (DMVPN, FlexVPN, etc.).
07-25-2024 06:05 AM - edited 07-25-2024 05:43 PM
MHM
07-25-2024 05:44 PM
Thanks Rob. So, I guess that it could be done, but it won't be done... similar to why DMVPN is only available on routers and not on firewalls? Probably a question of sales, leaving some features exclusive to routers. Thanks for the prompt and concise reply.
07-25-2024 06:03 PM
Full mesh means all to all.
Partial mesh with VTI is done via hub and spoke using DVTI.
The only difference is that spoke-to-spoke traffic is not direct; it needs to pass through the hub FTD.
MHM