Ok, let me simplify this some.
I need to connect my DMVPN router to another DMVPN router that is not part of my network.
Since my network is smaller, the changes will be made on my 2951 router.
I will need to add a 2nd crypto keychain profile with CompA pre-shared key password and another crypto isakamp profile to my 2951 router.
Also we will be adding a tunnel to my 2951 and to their router. This is a phase 3 DMVPN network.
My current keyring is below:
crypto keyring dmvpn1_keyring vrf dmvpn1
pre-shared-key address 0.0.0.0 0.0.0.0 key abc123
Is the solution as simple as just creating another keyring with CompA PSK?
crypto keyring CompA_keyring vrf dmvpn1
pre-shared-key address 0.0.0.0 0.0.0.0 key compA4567
Can the two keyrings share the same VRF (dmvpn1) without issues?
Will there be disruption when 2nd keyring is added? Hopefully the 2nd keyring won't interfere with my existing nodes that are using my original dmvpn1_keyring.
Not too worried about the 2nd crypto isakamp profile, that is just a statement applied to the new Tunnel interface.
No comments:
Post a Comment