
I always see NAT tutorials on configuring to an outside public pool, but what makes the IPs in the pool physically routable? I'm assuming they would be added as subinterfaces on the WAN connection, is that the case?

I don't know how intentional it all is, but all I know is I was convinced that I failed in both ICND1 & 2, then wound up easily passing. It's your mind playing tricks on you or something.


Hi all,

With RSA signatures used to authenticate an IPsec VPN, shouldn't you see the device on the opposite end of the tunnel's public key? Reason I ask is because I have this configured and it is working, but I do not see the R2 router's public key in the "sh cry key pubkey-chain rsa" command from R1. My understanding was that devices exchange their public keys to each other, but I only see the key from the CA on each end?

Maybe you have to run the command per-peer.

http://packetlife.net/blog/2009/jan/14/isakmp-associations-using-rsa-keys/

show crypto key pubkey-chain rsa address 10.0.23.3
Original Poster · 2 points · 5 months ago

That actually worked, thanks for the tip!

I tend to go topic by topic, meaning I read, say, a chapter on IPsec, then read the same IPsec chapter in an alternate book, then watch any videos on IPsec that I own or can find on YouTube, and at that point is when I start mixing in some labbing.

Thanks a lot for the heads up! Much appreciated.

u/jboogie81