cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
252
Views
0
Helpful
2
Replies
Highlighted
Beginner

How best to disable GETVPN

Hi,

 

Been a long time since I've posted on here, but new to GETVPN, been asked to diabled fully without any down time, so looks like all GM have a open fail policy and no local ACLs.

 

what would you good people suggest as good way to allow traffic just to pass over the MPLS as normal not use the GETVPN?

 

Thanks in advance

Kevin

2 REPLIES 2
Highlighted
RJI Advisor
Advisor

Re: How best to disable GETVPN

Hi,
I'm not sure it's possible to do without an interruption to service. Ultimately you'll need to disable encryption on all of the interfaces.

E.g
interface GigabitEthernet 0/0
no crypto map GET_MAP
Beginner

Re: How best to disable GETVPN

Hi,

 

Currently my options are

1) Deny ip any any on KS gdoi ACL (wait a week to see if any fallout, then safety remove config on GMs)

 

2) Remove all GM peer IP addresses on KSs

 

3)on GMs remove VPN map command from interfaces as you suggested.

 

Thanks

Kev 

 

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here