04-07-2003 09:33 PM - edited 02-21-2020 12:27 PM
I have an IOS router with two IPs on one interface. I need to use this interface to establish an IPSec tunnel. I would like to use the primary IP as the crypto endpoint when the router uses its primary IP and the second IP as the endpoint when the router uses the secondary IP to establish a tunnel. Right now the router always uses the primary IP as the endpoint. How can I get the router to automatically use the second IP as endpoint without having to manually change the config?
Thanks,
Diego
04-07-2003 09:52 PM
You can't do this. The router will always use the primary IP on the outgoing interface as the IPSec source, unless you use the "cry map
05-08-2022 04:35 AM
as stated by gfullage you can not use the secondary IP
But, you can use a loopback interface as IPSEC source
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide