Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
What is the difference in the 2 entries below - it must be significant, else it wouldn't be in the Getvpn documentation.deny tcp any any eq sshdeny tcp any eq ssh any
Doing some testing before live implementation, have a small GETVPN lab network, single KS, 5 GMs, all at 12.4(15)T10. All encryption,routing,etc. is working fine except for something odd that I noticed.From Key server;C2851_Key_Srvr#sh cry gd ks meG...
Hi,have some questions about a recent STP issue in our network. After reviewing several Cisco STP design & troubleshooting guides, the documents repeatedly indicate that a STP failure is usually the result of a blocked port transitioning to forwardi...
to question #1:sh cry isa sa - shows only the SAs for ike phase1, not for traffic encryptionsh cry ips sa - will show u what traffic is being encrypted - that's why with sniffer you still see traffic encrypted.see: getvpn design & impl'n guide sectio...
hi, your isa lifetime should be 1200 on the GMs but defaulted on the KS (86400) - the GM value will take precedence. the tek life on KS should be 7200sec and the kek should be default of 86400.
