cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
511
Views
1
Helpful
4
Replies

ospf and static route redistribution

R Manjunatha
Level 3
Level 3

Hi,

I'm unable to ping from the R2 router IP address 172.16.0.1 similarly from the R5 router as well. I configured the OSPF and static route in the R12 router and redistributed it. 

RManjunatha_0-1706810338920.png

R12 ROUER 

interface Ethernet0/0
ip address 172.16.1.104 255.255.255.0
duplex auto
!
interface Ethernet0/1
ip address 172.16.10.105 255.255.255.0
duplex auto
!
interface Ethernet0/2
ip address 172.16.0.2 255.255.255.0
duplex auto
!
interface Ethernet0/3
no ip address
shutdown
duplex auto
!
router ospf 1
redistribute static subnets
network 172.16.0.0 0.0.255.255 area 0
default-information originate always
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
ip route 0.0.0.0 0.0.0.0 Ethernet0/1
ip route 0.0.0.0 0.0.0.0 172.16.0.1

 

R2 Router

version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3-Spoke1
!
boot-start-marker
boot-end-marker
!
!
vrf definition cust1
rd 1:1
route-target export 1:1
route-target import 1:1
!
address-family ipv4
exit-address-family
!
vrf definition cust2
rd 2:2
route-target export 2:2
route-target import 2:2
!
address-family ipv4
exit-address-family
!
!
no aaa new-model
!
!
!
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
!
!
!
no ip domain lookup
ip domain name cisco.com
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls ldp loop-detection
!
!
!
!
!
!
!
!
crypto pki trustpoint CA
enrollment url http://172.16.1.1:80
password
fingerprint E0AFEFD7F08070BAB33C8297C97E6457
subject-name cn=R3-spoke.cisco.com,OU=FLEX,O=Cisco
revocation-check crl none
!
!
!
crypto pki certificate map mymap 10
subject-name co ou = flex
!
crypto pki certificate chain CA
!
redundancy
!
!
!
crypto ikev2 authorization policy default
route set interface
!
!
!
!
crypto ikev2 profile default
match certificate mymap
identity local fqdn R3-Spoke.cisco.com
authentication remote rsa-sig
authentication local rsa-sig
pki trustpoint CA
dpd 60 2 on-demand
aaa authorization group cert list default default
!
!
!
!
crypto ipsec profile default
set ikev2-profile default
!
!
!
!
!
!
interface Tunnel0
ip address negotiated
mpls bgp forwarding
tunnel source Ethernet0/0
tunnel destination 172.16.0.1
tunnel protection ipsec profile default
!
interface Ethernet0/0
description WAN
ip address 172.16.1.103 255.255.255.0
duplex auto
!
interface Ethernet0/1
description LAN
no ip address
no ip unreachables
duplex auto
!
interface Ethernet0/1.10
encapsulation dot1Q 10
vrf forwarding cust1
ip address 192.168.113.1 255.255.255.0
!
interface Ethernet0/1.20
encapsulation dot1Q 20
vrf forwarding cust2
ip address 192.168.123.1 255.255.255.0
!
interface Ethernet0/2
no ip address
shutdown
duplex auto
!
interface Ethernet0/3
no ip address
shutdown
duplex auto
!
router bgp 100
bgp log-neighbor-changes
neighbor 10.0.0.1 remote-as 10
neighbor 10.0.0.1 ebgp-multihop 255
neighbor 10.0.0.1 update-source Tunnel0
!
address-family ipv4
neighbor 10.0.0.1 activate
exit-address-family
!
address-family vpnv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 send-community both
exit-address-family
!
address-family ipv4 vrf cust1
redistribute connected
exit-address-family
!
address-family ipv4 vrf cust2
redistribute connected
exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.16.1.104
ip route 10.0.0.1 255.255.255.255 Tunnel0 name workaround
ip route 172.16.0.1 255.255.255.255 172.16.1.1 name FlexHUB

R5 Router

vrf definition cust1
rd 1:1
route-target export 1:1
route-target import 1:1
!
address-family ipv4
exit-address-family
!
vrf definition cust2
rd 2:2
route-target export 2:2
route-target import 2:2
!
address-family ipv4
exit-address-family
!
!
no aaa new-model
!
!
!
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
!
!
!
no ip domain lookup
ip domain name cisco.com
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
crypto pki trustpoint CA
enrollment url http://172.16.1.1:80
password
fingerprint E0AFEFD7F08070BAB33C8297C97E6457
subject-name cn=R4-Spoke.cisco.com,OU=Flex,O=Cisco
revocation-check crl none
!
!
!
crypto pki certificate map mymap 10
subject-name co ou = flex
!
crypto pki certificate chain CA
!
redundancy
!
!
!
crypto ikev2 authorization policy default
route set interface
!
!
!
!
crypto ikev2 profile default
match certificate mymap
identity local fqdn R4.cisco.com
authentication remote rsa-sig
authentication local rsa-sig
pki trustpoint CA
dpd 60 2 on-demand
aaa authorization group cert list default default
virtual-template 1
!
!
!
!
crypto ipsec profile default
set ikev2-profile default
!
!
!
!
!
!
interface Loopback100
vrf forwarding cust1
ip address 192.168.114.1 255.255.255.0
!
interface Loopback101
vrf forwarding cust2
ip address 192.168.124.1 255.255.255.0
!
interface Tunnel0
ip address negotiated
mpls bgp forwarding
tunnel source Ethernet0/0
tunnel destination 172.16.0.1
tunnel protection ipsec profile default
!
interface Ethernet0/0
description WAN
ip address 172.16.10.104 255.255.255.0
duplex auto
!
interface Ethernet0/1
description LAN
ip address 192.168.104.1 255.255.255.0
duplex auto
!
interface Ethernet0/2
no ip address
shutdown
duplex auto
!
interface Ethernet0/3
no ip address
shutdown
duplex auto
!
router bgp 100
bgp log-neighbor-changes
neighbor 10.0.0.1 remote-as 10
neighbor 10.0.0.1 ebgp-multihop 255
neighbor 10.0.0.1 update-source Tunnel0
!
address-family ipv4
neighbor 10.0.0.1 activate
exit-address-family
!
address-family vpnv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 send-community both
exit-address-family
!
address-family ipv4 vrf cust1
redistribute connected
exit-address-family
!
address-family ipv4 vrf cust2
redistribute connected
exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 10.0.0.1 255.255.255.255 Tunnel0
ip route 172.16.0.1 255.255.255.255 172.16.1.1 name FlexHUB
!
ipv6 ioam timestamp

R1 ROUTER

hostname R1-HUB
!
boot-start-marker
boot-end-marker
!
!
vrf definition cust1
rd 1:1
route-target export 1:1
route-target import 1:1
!
vrf definition cust2
rd 2:2
route-target export 2:2
route-target import 2:2
!
!
aaa new-model
!
!
aaa authorization network default local
!
!
!
!
!
aaa session-id common
!
!
!
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
!
!
!
no ip domain lookup
ip domain name cisco.com
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls ldp loop-detection
!
!
!
!
!
!
!
!
crypto pki trustpoint CA
enrollment url http://172.16.0.2:80
password
fingerprint E0AFEFD7F08070BAB33C8297C97E6457
subject-name CN=R1-HUB.cisco.com,OU=FLEX,OU=VPN,O=Cisco Systems,C=US,L=Linux
revocation-check crl none
rsakeypair R1-HUB.cisco.com 2048
auto-enroll 95
!
!
crypto pki certificate chain CA
!
redundancy
!
!
!
crypto ikev2 authorization policy default
pool mypool
banner ^CC Welcome ^C
def-domain cisco.com
route set interface
!
!
!
!
crypto ikev2 profile default
match identity remote fqdn domain cisco.com
identity local dn
authentication remote rsa-sig
authentication local rsa-sig
pki trustpoint CA
dpd 60 2 on-demand
aaa authorization group cert list default default
virtual-template 1
!
!
!
!
crypto ipsec profile default
set ikev2-profile default
!
!
!
!
!
!
interface Loopback0
description VT source interface
ip address 10.0.0.1 255.255.255.255
!
interface Ethernet0/0
description WAN
ip address 172.16.0.1 255.255.255.0
duplex auto
!
interface Ethernet0/1
description LAN
ip address 192.168.100.1 255.255.255.0
duplex auto
!
interface Ethernet0/2
ip address 192.168.110.1 255.255.255.0
duplex auto
!
interface Ethernet0/3
ip address 192.168.111.1 255.255.255.0
duplex auto
!
interface Virtual-Template1 type tunnel
ip unnumbered Loopback0
ip nhrp network-id 1
ip nhrp redirect
mpls bgp forwarding
tunnel protection ipsec profile default
!
router bgp 10
bgp log-neighbor-changes
bgp listen range 0.0.0.0/0 peer-group mpls
bgp listen limit 5000
neighbor mpls peer-group
neighbor mpls remote-as 100
neighbor mpls transport connection-mode passive
neighbor mpls update-source Loopback0
!
address-family ipv4
redistribute connected
redistribute static route-map cust2
neighbor mpls activate
neighbor mpls next-hop-self
default-information originate
exit-address-family
!
address-family vpnv4
neighbor mpls activate
neighbor mpls send-community both
exit-address-family
!
ip local pool mypool 10.1.1.1 10.1.1.254
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.16.0.2 name route_to_internet

 

 

4 Replies 4

Hello,

 

Not exactly sure what you're trying to accomplish and looks like a lot going on. A couple things I notice:

 

R5 doesn't have a route to R2<->R12s P2P network

R12 has several default routes

Putting routes into OSPF wont accomplish anything towards the solution as I don't see OSPF configured on R2 or R5 (or R1) so its unaffected by OSPF.

Can you put a static route on R5 towards R12 pointing to wards the R12<->R2 P2P segment and show your routing table on R2 and R5?

 

-David

Hello,

hard to figure out. Post the full running configs of all 10 routers, so we can lab this up...

fniccola
Cisco Employee
Cisco Employee
ciao R Manjunatha,
 
only a fiew questions to understand better your environment
 
1. on R2 there is a static route with this next hop
 
ip route 172.16.0.1 255.255.255.255 172.16.1.1 name FlexHUB
 
why you are pointing to that IP? on the other end we have 172.16.1.104
 
can you share these outputs:
show ip arp inter eth0/0
show ip route 172.16.0.1
 
2. on R5 there is a static route with this next hop
 
ip route 172.16.0.1 255.255.255.255 172.16.1.1 name FlexHUB
 
why you are pointing to that IP? on the other end we have 172.16.10.105
 
can you share these outputs:
show ip arp inter eth0/0
show ip route 172.16.0.1
 
I'm  Replicating the environment in my lab, I'll share my results
 
TKK
FabioN

R Manjunatha
Level 3
Level 3

Hi,

There was a routing issue, and that has been resolved after configuring the static IP address, and now interface tunnel 0 is showing down. I can ping the WAN link from spokes to hub.

This is the mpls over flex VPN configuration, which was referred to in the Cisco documentation as shown below the link.

Cisco Content Hub - Configuring MPLS over FlexVPN

R3-Spoke1#sh ip int b
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 172.16.1.103 YES NVRAM up up
Ethernet0/1 unassigned YES NVRAM up up
Ethernet0/1.10 192.168.113.1 YES NVRAM up up
Ethernet0/1.20 192.168.123.1 YES NVRAM up up
Ethernet0/2 unassigned YES NVRAM administratively down down
Ethernet0/3 unassigned YES NVRAM administratively down down
Tunnel0 unassigned YES NVRAM up down

R3-Spoke1#sh crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status

IPv6 Crypto ISAKMP SA

R3-Spoke1#sh crypto ipsec sa

interface: Tunnel0
Crypto map tag: Tunnel0-head-0, local addr 172.16.1.103

protected vrf: (none)
local ident (addr/mask/prot/port): (172.16.1.103/255.255.255.255/47/0)
remote ident (addr/mask/prot/port): (172.16.0.1/255.255.255.255/47/0)
current_peer 172.16.0.1 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0

local crypto endpt.: 172.16.1.103, remote crypto endpt.: 172.16.0.1
plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb Ethernet0/0
current outbound spi: 0x0(0)
PFS (Y/N): N, DH group: none

configuration :-

R3-Spoke1#sh run
Building configuration...

Current configuration : 3043 bytes
!
! Last configuration change at 08:07:17 CET Fri Feb 2 2024
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3-Spoke1
!
boot-start-marker
boot-end-marker
!
!
vrf definition cust1
rd 1:1
route-target export 1:1
route-target import 1:1
!
address-family ipv4
exit-address-family
!
vrf definition cust2
rd 2:2
route-target export 2:2
route-target import 2:2
!
address-family ipv4
exit-address-family
!
!
no aaa new-model
!
!
!
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180

!
no ip domain lookup
ip domain name cisco.com
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls ldp loop-detection
!
!
!
!
!
!
!
!
crypto pki trustpoint CA
enrollment url http://172.16.1.1:80
password
fingerprint E0AFEFD7F08070BAB33C8297C97E6457
subject-name cn=R3-spoke.cisco.com,OU=FLEX,O=Cisco
revocation-check crl none
!
!
!
crypto pki certificate map mymap 10
subject-name co ou = flex
!
crypto pki certificate chain CA
!
redundancy
!
!
!
crypto ikev2 authorization policy default
route set interface
!
!
!
!
crypto ikev2 profile default
match certificate mymap
identity local fqdn R3-Spoke.cisco.com
authentication remote rsa-sig
authentication local rsa-sig
pki trustpoint CA
dpd 60 2 on-demand
aaa authorization group cert list default default
!
!
!
!
crypto ipsec profile default
set ikev2-profile default
!
!
interface Tunnel0
ip address negotiated
mpls bgp forwarding
tunnel source Ethernet0/0
tunnel destination 172.16.0.1
tunnel protection ipsec profile default
!
interface Ethernet0/0
description WAN
ip address 172.16.1.103 255.255.255.0
duplex auto
!
interface Ethernet0/1
description LAN
no ip address
no ip unreachables
duplex auto
!
interface Ethernet0/1.10
encapsulation dot1Q 10
vrf forwarding cust1
ip address 192.168.113.1 255.255.255.0
!
interface Ethernet0/1.20
encapsulation dot1Q 20
vrf forwarding cust2
ip address 192.168.123.1 255.255.255.0
!
interface Ethernet0/2
no ip address
shutdown
duplex auto
!
interface Ethernet0/3
no ip address
shutdown
duplex auto
!
router bgp 100
bgp log-neighbor-changes
neighbor 10.0.0.1 remote-as 10
neighbor 10.0.0.1 ebgp-multihop 255
neighbor 10.0.0.1 update-source Tunnel0
!
address-family ipv4
neighbor 10.0.0.1 activate
exit-address-family
!
address-family vpnv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 send-community both
exit-address-family
!
address-family ipv4 vrf cust1
redistribute connected
exit-address-family
!
address-family ipv4 vrf cust2
redistribute connected
exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 10.0.0.1 255.255.255.255 Ethernet0/0
ip route 172.16.0.1 255.255.255.255 172.16.1.104 name FlexHUB

R4-Spoke#sh run
Building configuration...

Current configuration : 2985 bytes
!
! Last configuration change at 07:20:34 CET Fri Feb 2 2024
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4-Spoke
!
boot-start-marker
boot-end-marker
!
!
vrf definition cust1
rd 1:1
route-target export 1:1
route-target import 1:1
!
address-family ipv4
exit-address-family
!
vrf definition cust2
rd 2:2
route-target export 2:2
route-target import 2:2
!
address-family ipv4
exit-address-family
!
!
no aaa new-model
!
!
!
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180

!
!
!
!
no ip domain lookup
ip domain name cisco.com
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
crypto pki trustpoint CA
enrollment url http://172.16.1.1:80
password
fingerprint E0AFEFD7F08070BAB33C8297C97E6457
subject-name cn=R4-Spoke.cisco.com,OU=Flex,O=Cisco
revocation-check crl none
!
!
!
crypto pki certificate map mymap 10
subject-name co ou = flex
!
crypto pki certificate chain CA
!
redundancy
!
!
!
crypto ikev2 authorization policy default
route set interface
!
!
!
!
crypto ikev2 profile default
match certificate mymap
identity local fqdn R4.cisco.com
authentication remote rsa-sig
authentication local rsa-sig
pki trustpoint CA
dpd 60 2 on-demand
aaa authorization group cert list default default
virtual-template 1
!
!
!
!
crypto ipsec profile default
set ikev2-profile default
!
!
!
!
!
!
interface Loopback100
vrf forwarding cust1
ip address 192.168.114.1 255.255.255.0
!
interface Loopback101
vrf forwarding cust2
ip address 192.168.124.1 255.255.255.0
!
interface Tunnel0
ip address negotiated
mpls bgp forwarding
tunnel source Ethernet0/0
tunnel destination 172.16.0.1
tunnel protection ipsec profile default
!
interface Ethernet0/0
description WAN
ip address 172.16.10.104 255.255.255.0
duplex auto
!
interface Ethernet0/1
description LAN
ip address 192.168.104.1 255.255.255.0
duplex auto
!
interface Ethernet0/2
no ip address
shutdown
duplex auto
!
interface Ethernet0/3
no ip address
shutdown
duplex auto
!
router bgp 100
bgp log-neighbor-changes
neighbor 10.0.0.1 remote-as 10
neighbor 10.0.0.1 ebgp-multihop 255
neighbor 10.0.0.1 update-source Tunnel0
!
address-family ipv4
neighbor 10.0.0.1 activate
exit-address-family
!
address-family vpnv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 send-community both
exit-address-family
!
address-family ipv4 vrf cust1
redistribute connected
exit-address-family
!
address-family ipv4 vrf cust2
redistribute connected
exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 10.0.0.1 255.255.255.255 Ethernet0/0
ip route 172.16.0.1 255.255.255.255 172.16.10.105 name FlexHUB
!
ipv6 ioam timestamp
!
!
!
control-plane

!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
transport input none
!

R1-HUB#sh run
Building configuration...

Current configuration : 3141 bytes
!
! Last configuration change at 07:17:27 CET Fri Feb 2 2024
!
version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1-HUB
!
boot-start-marker
boot-end-marker
!
!
vrf definition cust1
rd 1:1
route-target export 1:1
route-target import 1:1
!
vrf definition cust2
rd 2:2
route-target export 2:2
route-target import 2:2
!
!
aaa new-model
!
!
aaa authorization network default local
!
!
!
!
!
aaa session-id common
!
!
!
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!


!
!
!
!
no ip domain lookup
ip domain name cisco.com
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
mpls ldp loop-detection
!
!
!
!
!
!
!
!
crypto pki trustpoint CA
enrollment url http://172.16.0.2:80
password
fingerprint E0AFEFD7F08070BAB33C8297C97E6457
subject-name CN=R1-HUB.cisco.com,OU=FLEX,OU=VPN,O=Cisco Systems,C=US,L=Linux
revocation-check crl none
rsakeypair R1-HUB.cisco.com 2048
auto-enroll 95
!
!
crypto pki certificate chain CA
!
redundancy
!
!
!
crypto ikev2 authorization policy default
pool mypool
banner ^CC Welcome ^C
def-domain cisco.com
route set interface
!
!
!
!
crypto ikev2 profile default
match identity remote fqdn domain cisco.com
identity local dn
authentication remote rsa-sig
authentication local rsa-sig
pki trustpoint CA
dpd 60 2 on-demand
aaa authorization group cert list default default
virtual-template 1
!
!
!
!
crypto ipsec profile default
set ikev2-profile default
!
!
!
!
!
!
interface Loopback0
description VT source interface
ip address 10.0.0.1 255.255.255.255
!
interface Ethernet0/0
description WAN
ip address 172.16.0.1 255.255.255.0
duplex auto
!
interface Ethernet0/1
description LAN
ip address 192.168.100.1 255.255.255.0
duplex auto
!
interface Ethernet0/2
ip address 192.168.110.1 255.255.255.0
duplex auto
!
interface Ethernet0/3
ip address 192.168.111.1 255.255.255.0
duplex auto
!
interface Virtual-Template1 type tunnel
ip unnumbered Loopback0
ip nhrp network-id 1
ip nhrp redirect
mpls bgp forwarding
tunnel protection ipsec profile default
!
router bgp 10
bgp log-neighbor-changes
bgp listen range 0.0.0.0/0 peer-group mpls
bgp listen limit 5000
neighbor mpls peer-group
neighbor mpls remote-as 100
neighbor mpls transport connection-mode passive
neighbor mpls update-source Loopback0
!
address-family ipv4
redistribute connected
redistribute static route-map cust2
neighbor mpls activate
neighbor mpls next-hop-self
default-information originate
exit-address-family
!
address-family vpnv4
neighbor mpls activate
neighbor mpls send-community both
exit-address-family
!
ip local pool mypool 10.1.1.1 10.1.1.254
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.16.0.2 name route_to_internet
!
ipv6 ioam timestamp
!
route-map cust1 permit 10
match tag 666
!
route-map cust2 permit 10
match tag 667
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
transport input none
!
!
end

R1-HUB#

 

Review Cisco Networking for a $25 gift card