I am trying to configure a dynamic crypto map for use on a pure IPv6 network, on Cisco 15.2M. The problem is when I try to add an ipv6 access list to the dynamic crypto map, I get an error message. Below the config
crypto dynamic-map DYNMAP 5
set transform-set IPSECVPN-PeerA
set ikev2-profile IKEV2-SETUP-DYN
ipv6 access-list VPN_PEER_A_IPV6_ANY
permit ipv6 2001:1::/64 any
permit ipv6 2001:2::/64 any
But when I try to add the access list to the crypto map, I get the following error
access-list type conflicts with prior definitionERROR: "VPN_PEER_A_IPV6_ANY" is either an invalid name or the
list already exists but is the wrong type.
I believe this is due to 15.2 not supporting dynamic IPv6 crypto maps. Can anybody give me a hint?
Best Answer
I found the answer, Dynamic Crypto Maps with IPv6 are NOT SUPPORTED by Cisco IOS 15.2