Thank you for your answer Karthik. I already configured this line. In mean time, I discovered that Loopback interface can not support "crypto map" command on it... Am I right? Do you have that kind of experience?

Thak you again.

Petar

Hi Petar,

It supports crypto map in loopback interface.

R2#sh runn int loopback 0
Building configuration...

Current configuration : 59 bytes
!
interface Loopback0
 no ip address
 crypto map test
end

R2#

There shouldn't be any problem. You can do with that

Regards

Karthik

I found that option on my Loopback interface, and I configured it (as you sugested). And it still does not work. IPsec tunnel is up, traffic goes through tunnel (goes in tunnel - statistics on my Cisco VPN client tell me that), but when I try to ping any address in vrf, that is not possible. I do not have any idea why this does not work. Only thing that I have to suspect is that for loopback interface and crypto map... I found here on a "Cisco support forum" that crypto map is not supported for loopback... This is the link for that answer: 

https://supportforums.cisco.com/discussion/10895791/ipsec-crypto-map-loopback#comment-9788656 

Guy that answered, his name on forum is: Javier Portuguez

Thank  you... If you have any idea, please help... :)

Petar

Hi Petar,

Here is the cisco document which says we can have ipsec tunnel over virtual tunnel interface with vrf using virtual-template option.

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/12-4t/sec-sec-for-vpns-w-ipsec-12-4t-book/sec-ipsec-virt-tunnl.html

Please let me know if this not meets your requirement

Regards

Karthik

Thank you Karthik... This is GRE tunnel, and inside it you put IPsec... I have something like that in my network... I know that this works... I need pure IPsec (I tried to configure just IPsec - the way I described it to you earlier - and it does not work)...

Thank you very much... You were real help today...

Sincerely,

Petar