ipsec tunnel to loopback addr

between a 3640 running 12.3(5) and a pix 506 running 6.3(4) and cisco remote vpn client.

stalls at AG_NO_STATE with either endpoint

assigning same crypto map to Multilink int works fine

crypto isakmp client configuration group 3000client key ********* dns domain x.x pool ippool acl 103 ! ! crypto ipsec transform-set myset esp-3des esp-sha-hmac ! crypto dynamic-map dynmap 10 set transform-set myset ! ! crypto map clientmap client authentication list userauthen crypto map clientmap isakmp authorization list groupauthor crypto map clientmap client configuration address respond crypto map clientmap 1 ipsec-isakmp set peer x.x.x.x set transform-set myset match address 104 crypto map clientmap 10 ipsec-isakmp dynamic dynmap

anything different, or limited, about assigning a crypto map to a router loopback addr than other types of interfaces? thanks

Reply to
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.