I have a hub-and-spoke topology with a 3725 as my hub and a couple of 1811s as the spokes. Spokes are set up to use ezvpn to connect to the hub. Everything is working ok from each spoke to the hub (and equipment hanging off the hub). The strange behaviour is in spoke-hub-spoke encrypted traffic. If I reset the tunnel spoke1-hub, then spoke2 can ping equipment behind spoke1. If I keep pinging, traffic stays up; however, if I stop the ping, something in the hub seems to time out after 60 sec or so. Then pings from spoke2 to spoke1 no longer work. Traceroute reveals that the hub is trying to route my traffic using the default route rather than the VPN-injected static route for spoke1. This is only an issue for traffic going between spoke2-hub-spoke1. Everything else continues to work (spoke1-hub, spoke2-hub, hub-spoke1, hub-spoke2). Any ideas on what is timing out my routes and, more importantly, how I can correct it?