Hi out there,
We are migrating our VPN deployment from good old crypto maps to virtual-access cloned interfaces. We are still in the "learning" phase, where we deploy EzVPN clients which connect to a central server. We currently have two VRFs defined: an internet VRF, which the clients connect to, and a service VRF, where the clients are forwarded to the needed services. When the routers are connected, the routing table in that service VRF looks like this:
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
S 10.120.3.1/32 [1/0] via 0.0.0.0, Virtual-Access4
S 10.120.3.0/24 [1/0] via 0.0.0.0, Virtual-Access4
S 10.120.1.1/32 [1/0] via 0.0.0.0, Virtual-Access3
S 10.120.1.0/24 [1/0] via 0.0.0.0, Virtual-Access3
S 10.120.4.0/24 [1/0] via 0.0.0.0, Virtual-Access2
S 10.120.4.1/32 [1/0] via 0.0.0.0, Virtual-Access2
Is this as expected? It bothers me a bit that the next hop is noted as 0.0.0.0. Each EzVPN client has a loopback interface, which is the inside of the client (and is assigned a 10.120.x.1/32 address), and a NAT pool (10.120.x.0/24) through which the internal clients access the published service through the VPN server.