stack your knowledge: IOS IPsec ezVPN server – part I

http://staystack.blogspot.com/2013/04/ios-ipsec-ezvpn-server.html

Helpful article, though I wasn’t working with ezVPN.  The ‘reverse-route’ component was a critical one I was missing, though I’m pretty sure it’s still not going to get me where I need to go.   I’m attempting to get a software VPN client configuration to work with a router that’s also performing IPSec VPN in conjunction with VRF and zone firewall.  We’ve already encountered one show-stopping bug between ZBF/ZFW and NAT virtual interface (NVI), and I’m fairly sure about five steps down the road from reverse route injection that we’ve encountered yet another bug that will prove fatal in this endeavor as well.

No matter I guess.  Probably need to get this lab back to a more standard configuration in any case.  If you do happen to encounter a problem with ZFW, VRF, and software VPN client I’d love to hear about it in the comments.  Always nice to know you’re not the only one Cisco’s feature sets are leaving up a creek. If I get time, I’ll try to post a more detailed configuration example and steps that lead me to this conclusion.  I still haven’t completely disproven it, and haven’t run any debugs at all yet, so there’s still a slim possibility it could actually function.