- A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: IPSec over Tunnel - not working !! [7:62124] posted 01/29/2003
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


First, you should apply the crypto to the physical an the logical

Second, define only gre traffic for the access-list

Third, try to change the IP MTU size because the fragmentation  (1440 or
lower ) or configure the interface command "ip ospf mtu-ignore "

Last of all, multicast traffic cannot be "normally" be encrypted, that is
the reason to use a GRE tunnel and then encrypt GRE traffic



""Claudio Spescha""  wrote in message
> Hello
> You should not encrypt the tunnel network itself.
> First line of access-list 199 should be: access-list 199 deny ip
> The router can not build an OSPF adjacency on encrypted traffic.
> see you
> Claudio

Message Posted at:
FAQ, list archives, and subscription info:
Report misconduct and Nondisclosure violations to abuse@xxxxxxxxxxxxxx