03-30-2011 04:59 AM
Our company has a handful of sites that use the EasyVPN technology.
On my remote router (Cisco1841) - I add the crypto inside to the FA0/0 and the Loopback0 interface.
On the other end my Cisco ASA 5580 - 8.41 code - I have RRI enabled and the tunnel comes up fine.
However I only see the static route from the fa0/0 interface on the remote router. I can not figure why I can not see the Loopback0 address?
Wondering if this is a limitation or feature not enabled.
I added multiple interfaces on the Cisco 1800 and can see the networks.
I run "show crypto ipsec sa" on the Cisco ASA and see the spi encaps/decaps for the loopback, but the SH ROUTE does not show the static route being injected.
Any ideas would be grateful.
04-09-2011 01:49 AM
Hi,
If you have a specific proxy ID for loopback and don't see it inserted, well I guess you'd better open a TAC case.
Marcin
04-09-2011 07:17 AM
I actually figured it out. There is a BUG with RRI with 32 bit addresses. If I make the Loopback a 30 bit address it works fine.
CSCsg25002 Bug Details
Enhance RRI to Inject 32 bit mask route
04-09-2011 07:18 AM
Cool, gave your last post flying marks ;-)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide