source address for crypto map

Author	All Replies
kamikatze join:2007-11-02 1 edit	source address for crypto map Guys, is it possible to specify a source address for doing Site-to-Site IPSec? I have that crypto map applied to 2 Fa interfaces, and i want the source to be none of them but a Loopback or something within a subnet i advertise via BGP. The following doesn't seem to work: crypto isakmp profile ipsec-Sydney match identity address 49.x.x.x 255.255.255.255 local-address PLEASE.TAKE_ME.AS.SOURCE crypto map map-Sydney-1 2000 ipsec-isakmp description Sydney Tunnel set peer 49.x.x.x set transform-set AESset match address ipsec-Sydney set isakmp-profile ipsec-Sydney Router#sh crypto session \| i remote 49.x.x.x IKE SA: local NOT.IP.FROM.ISAKMP_PROFILE/500 remote 49.x.x.x/500 Inactive
kamikatze join:2007-11-02 1 edit	to forum · permalink · · 2008-08-15 15:40:44 ·
TomS_ debugger it Premium,MVM join:2002-07-19 Australia	I have done this before, I just had to figure out where the command was hiding. Try something like this: crypto map map-Sydney-1 local-address LoopbackX See how you go.
	to forum · permalink · · 2008-08-16 05:18:12 ·
kamikatze join:2007-11-02 1 edit	reply to kamikatze Thanks, specifying local-address for the entire crypto map works. Unfortunately i want a different source address just for seq 2000 of the map. I guess i'm out of luck.
kamikatze join:2007-11-02 1 edit	to forum · permalink · · 2008-08-16 08:27:57 ·


Tuesday, 01-Dec 23:15:58	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF