Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
933
Views
0
Helpful
2
Replies

IPSEC w/ ISL VLAN

jtutokey
Level 1
Level 1

‎01-17-2001 02:54 PM - edited ‎02-21-2020 11:16 AM

I am having a problem getting IPSEC to work on a router that is used as a intra-VLAN router. The "crypto map toShipping" is bound to fast ethernet 0/0.4 (ip address 208.50.0.163) on a 2621. If I do a "debug crypto ipsec" I see "1w0d: IPSEC(validate_proposal): invalid local address 208.50.0.163" over and over. Any ideas or directions would be of great help!! Thanks in advance!

Labels:
0 Helpful
2 Replies 2

andwhite
Level 1
Level 1

‎01-18-2001 02:25 PM

try create a loopback interface, say loopback10, configured with a valid address for your ip network.

(making sure you can access the ip address from the remote router!)

Then try the command

crypto map toShipping local-address Loopback10

then reboot or clear crypto isa and clear crypto sa at both ends at the same time...

0 Helpful

jtutokey
Level 1
Level 1
In response to andwhite

‎01-18-2001 02:45 PM

thanks for the reply, I opened a TAC case and got a resolution. Your pretty much right on the nose except Cisco personel had me enter the ethernet interface as the "local-address" via the command "crypto map toShipping local-address fast 0/0.4". It worked! Thanks for the reply, once again!

0 Helpful
Customers Also Viewed These Support Documents