Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
No IPSEC applied anywhere yet.If you have 2 routers configured back-to-back with physical interfaces and tunnel interfaces - which path will traffic travel over?Answer - it will follow the path from the routing table i suppose. Be it OSPF or static r...
Hi all,I have 2 routers connected and trying to make teh GRE come up over IPSEC, and i think my issue is lying with the ACL.They are running old versions of IOS, and as such i need to have the crypto map on both the tunnel and physical interfaces.I h...
Just messing around in a lab with a few routers. Trying to bring up transport mode first on an IPSEC tunnel. All seems correct, but it constantly comes up in Tunnel Mode. I can't see why? Can anyone see anything obvious?Enclosed are configs and a Wir...
Hi All,As far as i can see with iBGP there are 2 options :-1. synchronization is enable and redistribution of BGP into the IGP2. no synchronization + every router (not just iBGP routers) part of a full mesh iBGPIf you take option 1 - the argument is...
We have 2 x 4404 controllers.It is layer 3 LWAPP. They are in different buildings on different subnets.They have different AP Manager and Management Interfaces.They are in the same mobility gourp.We have some AP's connecting to one controller and oth...
Andrew,Thanks for the reply and it's just the answer i was looking for.I know it's a basic question, but sometimes it's best to ask the obvious ones.There is a lot of documentation around setting up IPSEC and GRE, but very little about the obvious of...
Thanks for the reply Rick.The access list is a catch-all :-access-list 100 permit ip any anyIt's a strange one to grasp really. "traffic to be protected has the same IP addresses as the IPSec peers "My routers are peers - 192.168.1.1 & 192.168.1.2If ...
Thanks Dandy.Sounds like the iBGP peers should be directly connected - over copper or fibre or whatever is required.If you have a situation like 12-6, then you must :-1. redistribute BGP into IGP2. run BGP on the transit router alsoSounds like there ...
Thanks Steve.I created all the AP Group VLAN's on both controllers.I also created all the interfaces on both controllers, but with different IP addresses - 10.32.71.10/24 on one, and 10.32.71.11 on the other.Mobility was already setup, so it's all no...
