Hi, First, you should apply the crypto to the physical an the logical interfaces.
Second, define only gre traffic for the access-list Third, try to change the IP MTU size because the fragmentation (1440 or lower ) or configure the interface command "ip ospf mtu-ignore " Last of all, multicast traffic cannot be "normally" be encrypted, that is the reason to use a GRE tunnel and then encrypt GRE traffic Cheers, Jose ""Claudio Spescha"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello > > You should not encrypt the tunnel network itself. > First line of access-list 199 should be: access-list 199 deny ip 120.20.59.0 > 0.0.0.255 120.20.59.0 0.0.0.255 > The router can not build an OSPF adjacency on encrypted traffic. > > see you > Claudio Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62141&t=62124 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
