12-02-2014 06:13 PM
Today I got a problem with the vrrp.
the master controller was not pinging the standby controller and they do not syncroniser configuration.
after a night of work I discovered that the IPSEC tunnel between the two controller not mount because of "enable nat source for this vlan"
indeed the vrrp is about VLAN 1 and as explained in the "CLI Reference Guide" must not enable nat for VLAN 1 because it prevents communication between a controller and IPSEC pair
I hope that this post will be useful
ICT Network & Security Engineer
CCNP R/S | CCNA Security | ACMP|ACDX
[If my post is helpful please give kudos, or mark as solved if it answers your post.]