Hi! Yesterday I was testing EasyVPN implementation in my tested and have noticed interesting behavior of reverse route injection feature (RRI) in conjunction with network extension mode (NEM) of operation. EasyVPN server on ASA with 8.2(3) OS can't inject routes for client loopback addressed, if address is configured on client with /32 bit mask. Any shorter mask makes thing works well. It was tested on Cisco IOS 12.4-24.T4 and 15.0-1.M4 on 881 and 877 models.
Another interesting result was received while testing NEM+. Although it is not supported on ASA, client can obtain address and it will be installed in routing table, but any other routes will not (although it is appears in SAs as proxy-identities).
So finally I should notice that DMVPN is removed from ASA OS 9.0 roadmap. Maybe we will wait until 10 branch ;)
Ciscoman's notes (Записки цыщика c дипломом)
суббота, 22 января 2011 г.
Подписаться на: Сообщения (Atom)
- ► 2015 (14)
- ▼ 2011 (21)