ipexpert CCIE Security WB Section 8: VPN Concentrator
My Notes from my early morning of study!
- The Autonymous System checkbox on the VPN 3000 does NOT redistribute connected networks! Therefore you have to enable OSPF on the inside interface even though there are no OSPF neighbors there.
- When configuring ezvpn VERIFY the IP address of the peer. DUH. If I hadn’t goofed this up I would have finished a 3 hour lab (According to the WB) in an hour and a half:
R4#telnet 10.1.1.1 /source-interface l0
Trying 10.1.1.1 ...
*Aug 23 16:42:28.758: %CRYPTO-6-EZVPN_CONNECTION_DOWN: (Client)
User= Group=EZVPN Client_public_addr=192.1.24.4
Server_public_addr=192.168.24.5
Sticks out like a sore thumb after you see it.
