05-27-2013 08:55 PM - edited 02-21-2020 06:55 PM
Hello,
what the impact of share word when i type it at the end of this command under interface tunnel mode in DMVPN configuration?
tunnel protection ipsec profile share
in other words, if i have two tunnels on the same physical interface with two different clouds and
didn't type share word at the end of that command will cause any problem communicating with their peers?
please treat this as urgent. thank you for your help!
Labib
Solved! Go to Solution.
05-28-2013 07:13 PM
Yes you need to use the command Shared.
The shared keyword allows IPsec sessions to be shared between multiple tunnel interfaces configured with the same tunnel source IP.
Potha
05-27-2013 10:24 PM
Hello,
yes you need to type the command "shared" if you are share the tunnel with same physical interface.
for more inform please read this cisco article.
please let me know if you have any doubts.
Potha
05-27-2013 10:30 PM
The tunnel protection IPsec profile shared command is used to create a single IPsec SADB for all the tunnel interfaces that use the same profile and tunnel source interface. This allows a single IPsec SA to be used for all GRE tunnels (same tunnel source and destination, but different tunnel keys) between the same two endpoints. It also makes IPsec QM processing unambiguous because there is one SADB to process the incoming IPsec QM request for all shared tunnel interfaces as opposed to multiple SADBs, one for each tunnel interface when the tunnel interface is not shared
05-28-2013 07:21 AM
Hi Shine,
thanks for your reply!
i'm using two tunnel interfaces on the same source physical interface with different destination ip addresses and different NHRP IDs and also different GRE IDs.
so in this case i should use share word at the end of this command or not?
thank you!
Labb
05-28-2013 07:13 PM
Yes you need to use the command Shared.
The shared keyword allows IPsec sessions to be shared between multiple tunnel interfaces configured with the same tunnel source IP.
Potha
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide