Solved: GETVPN

Rodrigo Gurriti · ‎01-10-2011

Hello,

I have a newbie question about GETVPN, I've done a LAB to check the fictionally and I had a problem on doing VPN tunnel on the KS.

My lab had a switch where i connected a 3 routers ( 1KS and 2 GM) I can get the traffic encrypted in between my 2 GM but when I try to access a loopback on my KS from any of the GM i fail.

I have full routing in between them.

Can the KS participate on the VPN or it can only be a KS

rahgovin · ‎01-10-2011

Hi,

Only traffic between GMs is encrypted in a GETVPN environment. And unfortunately, a KS cannot act as a GM as of now. You can deny control plane traffic(ping,telnet,ssh,routing updates) to be exempted from encryption so that use them between gms and Ks.

View solution in original post

rahgovin · ‎01-10-2011

Hi,

Only traffic between GMs is encrypted in a GETVPN environment. And unfortunately, a KS cannot act as a GM as of now. You can deny control plane traffic(ping,telnet,ssh,routing updates) to be exempted from encryption so that use them between gms and Ks.

Rodrigo Gurriti · ‎01-11-2011

Thanks Rahul Govindan,

silly question .... Can the KS play the two roles ? be a KS and GM at the same time?

rahgovin · ‎01-11-2011

Hi,

No. It cannot be the KS and GM at the same time. You need 2 different routers for that.