I have implemented two different Cisco routers at a site that have both run into the same issue. For a handful of spokes in the DMVPN "cloud" they cannot seem to automatically resolve the public IP address mapping for the private address automatically. I am having to manually go in to the tunnel interface and statically define the mapping. What is strange is that it is successfully mapping the addresses for around 80% of the locations and it isn't 100% consistent with which locations it is struggling. When this problem is occurring for a given location I will generally see an entry under sho dmvpn of:
# Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb
----- --------------- --------------- ----- -------- -----
4 UNKNOWN 192.168.1.10 IKE never IX
0 UNKNOWN 192.168.1.50 IKE never IX
0 UNKNOWN 192.168.2.10 IKE never IX
0 UNKNOWN 192.168.3.10 IKE never IX
Additionally, it has these entries for individual hosts on the subnet behind the DMVPN router that provides connectivity to the site. The workaround I have been doing to statically resolve for a site is under the tunnel interface:
tunnel 1
ip nhrp map 192.168.251.1 xx.xx.xx.xx (xx's represent the public IP address)
After completing this manual mapping, connectivity to the site works without issue. The primary symptom that brought this to our attention was users getting one-way audio between sites, because interestingly enough, the other side of the spoke does not have this issue (other than the user at the problem site complaining about one-way audio).
Any help or advice on this issue would be greatly appreciated.
No comments:
Post a Comment