09-07-2019 09:34 PM - edited 02-21-2020 09:44 PM
I have two KS in the GETVPN topology. I just noticed some GM registered with the secondary KS.
Can I change them from backup KS to primary without network disconnection?
Do I only have to change the configuration in the GM or I have to change the configuration for the GM and KS?
Thanks, much appreciated !!
Solved! Go to Solution.
09-08-2019 04:02 AM
Hi,
Few GM's registering to secondary can only happen when either primary KS is not reachable or on the specific GM, which KS is configured first.
So first verify what was the reason for GM registering to secondary KS ?
Changing from backup KS to primary KS, will cause a network disruption specific to that GM, as it will re-register itself.
The configuration change is only needed on GM, where you change the order of KS.
Let me know if you have any further query.
Regards,
Pulkit
09-08-2019 04:02 AM
Hi,
Few GM's registering to secondary can only happen when either primary KS is not reachable or on the specific GM, which KS is configured first.
So first verify what was the reason for GM registering to secondary KS ?
Changing from backup KS to primary KS, will cause a network disruption specific to that GM, as it will re-register itself.
The configuration change is only needed on GM, where you change the order of KS.
Let me know if you have any further query.
Regards,
Pulkit
10-31-2019 04:01 AM
Thanks to clarify this as I have a similar sceanrio.
A GETVPN Deployment where I need to re register multiple GMs(Not all of them ) to a secondary KS instead of the primary KS.
I have changed the order of Key servers on the GM configuration , to force re registration , can I use clear crypto GDOI on that GM ? Will this affect only this GM traffic?
I have noticed this warning when issuing the command on the GM side ,that's why I'm confused about it :
GM2#clear crypto gdoi
% The Key Server and Group Member will destroy created and downloaded policies.
% All Group Members are required to re-register.
Are you sure you want to proceed ? [yes/no]
Does this command really affects other GMs ? I'm using it on a specific GM not on the KS.
Thanks in advance.
10-31-2019 07:48 AM
04-03-2020 02:09 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide