Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I cannot fully understand this. vpn client already know its lan subnet, although it took default network from server side by mode-cfg, it can still exclude its local lan subnet by itself for encryption. Why does it need server side to configure "incl...
Hi, I did upgrade from 6.1.2-1000 to 6.1.2-1107. From "OS Administration"->show->software, it says active version is still 6.1.2-1000, but "installed software option" is cmterm-devicepack6.1.2.1107-1.cop, what do that means? how can I make 6.1.2.1107...
I noticed that "enrollment url" command supports "https" and then tried to test it. I already enabled ssl support on my CA server(win2003 server). my ios configuration is:2691_5(config)#crypto pki trustpoint pcserver2691_5(ca-trustpoint)#show enrollm...
Hi, I'm trying to test srst feature. I have one 7905 and one 7960 in branch office, and one ccm4.1(3) in central office, I enabled srst feature in branch router. then I use access-list to deny all port 2000 packet going to ccm, after a while, 7960 sw...
Hi, I'm a newbie in this area, can anybody tell me how to debug ccm? say: check why register fail? check why call fail? Is there a log file to say something? or some tool can help me to troubleshoot?Thanks.
Hi, I think you should to make sure if traffic went through vpn tunnel firstly when you ping beyond the router lan interface. you can check by "show crypto ipsec sa", or even "debug ip packet acl".If packet already reach router through vpn tunnel and...
Thanks.that function can only switchover active and inactive version. In my case, select "version", it shows my active version is 6.1.2.1000, inactive version is 6.1.1.2000, and I have another "installed software option" which is 6.1.2.1107, and it w...
thanks. I'm just using "enrollment url" command. the problem is I hope to use "https url" instead of "http url". if using "https url", I have to tell IOS to accept peer's certificate firstly but I don't know how to do it.
How about ccm4.1(3)? The bad thing is I do not have ccm5.x installed. Where can I find a matrix to show which version support which protocol about ccm?thanks for so quick response.
