Re: Terminating a vpn on a loopback interface

jfawcett · ‎03-22-2006

Customer is using cisco vpn client 4.x for windows and terminating the ipsec tunnel on a cisco 7200 IOS router using a loopback interface. This works in IOS 12.3(15) but when we upgrade to 12.4(7):

the IKE phase 1 fails. But if we terminate the tunnel on the physical interace or create a sub interface it works OK for 12.4(7). Customer would prefer to use a loopback interface as it is always up. Has anyboby any suggestions or aware of any changes in 12.4(7) as to why it fails.

spremkumar · ‎03-22-2006

hi

hope this helps u out..

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Service%20Providers&topic=MPLS&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1dd8efca

regds

jfawcett · ‎03-24-2006

Hi and thanks

It did help but probably not as it was supposed to.

By using these 3 commands in global mode

crypto map crypto_map_name local-address

and applying the crypto map to the loopback and the physical ethernet interface it all worked. (I suspect you should not need to apply it on the physical)

Any combination of 2 out of the 3 failed with different symptoms

1. tunnel would not establish

2. tunnel established but traffic flowed.

thanks again.

Jamie

telescopetechnologies · ‎04-11-2006

Hi Jamie,

I have the same problem, could you post your working

config?

Ta,

Doro