Your question is answered in the document you referenced (the document id should be 71585). The explanation is under step 12 of the Software Update/Native Mode section. To summarize, after you upgrade the standby sup, it will come up in RPR mode be...
From what I can tell, your 10.1.x.x networks are not in the encryption domain for your IPSec tunnel. So, the packet will follow the default routes in place already (x.x.x.237 on the 1841 and x.x.x.33 on the 871) unencrypted. If your intent is to co...
You would put your 'permit ip any any' at the end, since ACLs are processed top-down. Once a match is found, the packet is handled accordingly. If your 'permit ip any any' was at the beginning, no packets would ever reach your deny statements. ...
Have you verified the group password in your VPN client config (.pcf file)? The preshared authentication refers to that. Use what is in the 'key' portion of your 'crypto isakmp client configuration group ' config. Or, just leave it blank in your V...
Would configuring your second service as a primary sorry server in the content rule meet your criteria?http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_720/bsccfggd/contrule.htm#1037955