Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
246
Views
1
Helpful
2
Replies

CRYPTO MAP and Routing Table

NikoMax
Level 1
Level 1

‎04-14-2025 03:33 AM

Hello Everyone

I have some generic questions regarding the IPsec.

When we use Crypto Map on VPN. How does the Routing table update the protected network? Generally I know how it works, but I wonder if the IP route should be inserted in the routing table by itself. For example, I use RRI (routing reverse injection), and I can see the path in the Routing table. But for another configuration where there is no RRI and the tunnel is working, I do not see the path to the protected network on the other end of the tunnel. Is it a must to see the path in the table, or will the crypto map redirect that traffic to the interface where we have applied the crypto map it??

Labels:
0 Helpful
2 Replies 2

Rob Ingram
VIP
VIP

‎04-14-2025 09:25 AM - edited ‎04-14-2025 09:34 AM

@NikoMax RRI is not mandatory, it is typically used when you want to redistribute the VPN routes to other parts of the network, useful if there are multiple exit points in a network.

As long as traffic to the remote destination is routed to the outside interface of the firewall/router where the VPN is configued and assuming the traffic matches the crypto ACL that defines the interesting traffic, then the traffic will be encrypted and routed over the tunnel.

MHM Cisco World
VIP
VIP

‎04-18-2025 05:43 AM

If you d9nt use RRI then your VPN use defualt route or static route.

MHM

0 Helpful
Customers Also Viewed These Support Documents