Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I want to use an HSRP virtual IP with policy-based IPsec.When I added the “redundancy” keyword while configuring a crypto map on the WAN interface, the following error appeared.(config-if)# crypto map XXX redundancy XXX%IP redundancy is not configure...
I have configured HSRP on VLAN 100 (Segment A) and VLAN 200 (Segment B) on the L3SWs, with L3SW#1 set as Active and L3SW#2 as Standby.If a downlink on L3SW#1 goes down, L3SW#2 becomes active for VLAN 100, but L3SW#1 remains active for VLAN 200. Will ...
I have registered “Smart Licensing Using Policy (Online)” authentication via an HTTP proxy on a Catalyst switch.Generally, when replacing a license due to a device failure, I understand the procedure involves first deleting the license associated wi...
I am using policy-based IPsec on a router. I understand that a tunnel is established when traffic matches the criteria defined in an ACL, but could you tell me when an established tunnel is terminated?(Specifically, when the SA no longer appears in t...
I have configured a PBR to change the next-hop destination (set ip next-hop).I believe the `show route-map` command should allow me to check the number of packets matched by the PBR, but the match counter remained at 0. Does this mean the PBR is not ...
@hellencharless54 Is it correct to assume that an IPsec tunnel cannot be established even if a "crypto map redundancy" is configured on a LAN interface that has HSRP configured? (Is this because IPsec encryption begins just before packets are sent ou...
@Richard Burts Sorry, I didn’t mention anything about routing earlier, but sw1 and sw2 have static routes pointing to sw3 for the separate segments on VLANs 100 and 200.Sw3 has its default route configured to the HSRP virtual addresses on Sw1 and Sw2...
Thank you.For the “Smart Licensing Using Policy” transport type, I understand that the command for injecting an idtoken is `license smart trust idtoken <token> local force`. Please let me know if this is incorrect.