Interface Tunnel 0 changed my life. Not really but really cool
So I learned something new from one of our Sr. guys at work about building VPNs. I have always built them using a crypto map and ACL to define the traffic. Always a pain with CLI, and I have to use a template. I soon discovered CCP and was using the GUI and banging them out, and if it had NAT enabled, no problem. CCP would add a route-map statement and I was off and running. So I got the "here, do it this way" conversation and I looked at the config and was like, huh, what, you can't, how?? Not sure what rock I have been living under, but building a Tunnel unnumbered and making a static route to define your traffic is way easier. One static route of 0.0.0.0 0.0.0.0 next hop for unprotected traffic and a static route back to the corp office peer for IPsec traffic and you're good. Where is this in Cisco's curriculum? Is this a CCNP-S topic? I researched GRE tunnels and site-to-site and finally came across a blog about Tunnel Interfaces and the new technology from IOS 15.
“The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln
Comments
Security: CCNA [ ]
Virtualization: VCA-DCV [ ]
Crypto isakmp policy "enter a number here"
H Hash "sha"
A Authentication "pre share"
G Group "2"
L Lifetime "86400"
E Encryption "aes"
PS
It is very cool.
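The two approaches from the opening post, side by side, using the ISAKMP policy values from the comment above. This is an added example, not configuration posted by anyone in the thread. All addresses, interface names, the policy number, and the names TS-AES, CMAP and VTI-PROFILE are constructed, and the pre-shared key is a placeholder.

```cisco-ios
! --- Shared phase 1 and transform set (values from the H/A/G/L/E comment) ---
! group 2 is as listed in the thread; current Cisco guidance is group 14 or higher.
crypto isakmp policy 10
 hash sha
 authentication pre-share
 group 2
 lifetime 86400
 encryption aes
crypto isakmp key REPLACE-WITH-PSK address 203.0.113.10
crypto ipsec transform-set TS-AES esp-aes esp-sha-hmac
 mode tunnel
!
! --- Approach 1: crypto map, protected traffic is defined by an ACL ---
! Every new subnet means editing the ACL on both peers (and the NAT exemption).
access-list 110 permit ip 192.168.10.0 0.0.0.255 10.0.0.0 0.255.255.255
crypto map CMAP 10 ipsec-isakmp
 set peer 203.0.113.10
 set transform-set TS-AES
 match address 110
interface GigabitEthernet0/0
 ip address 198.51.100.2 255.255.255.252
 crypto map CMAP
!
! --- Approach 2: tunnel interface, protected traffic is defined by routing ---
! Use this INSTEAD of the crypto map block above, not together with it.
crypto ipsec profile VTI-PROFILE
 set transform-set TS-AES
interface Tunnel0
 ip unnumbered GigabitEthernet0/0
 tunnel source GigabitEthernet0/0
 tunnel destination 203.0.113.10
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile VTI-PROFILE
!
! Unprotected traffic follows the default route to the ISP next hop.
ip route 0.0.0.0 0.0.0.0 198.51.100.1
! Anything routed into Tunnel0 is encrypted toward the corp office peer.
ip route 10.0.0.0 255.0.0.0 Tunnel0
```

With the tunnel interface, `show crypto session` and `show ip route` confirm that the security association is up and that the corporate prefix points at Tunnel0. Any prefix missing from the routing table leaves via the default route unencrypted.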