Hurricane Electric's IPv6 Tunnel Broker Forums

Please login or register.

Login with username, password and session length
Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Auto-update on Cisco 897 (might work on 887, 877, 867?)  (Read 374 times)

postipuuntie

  • Newbie
  • *
  • Posts: 1
    • View Profile
Auto-update on Cisco 897 (might work on 887, 877, 867?)
« on: January 27, 2017, 06:00:26 AM »

Since I have been using Hurricane IPv6 tunnel on four different Cisco platform (877, 887, 867VAE and 897) for few years, I have seen certain problems with auto-update and certificate installation is sometimes major PITA.

However, my current router 897 and IOS (15.2.(4)M4) seems to update endpoint correctly, without need to manually install certificate. Here is software information from show hard-command:
Cisco897VA#sh hard
Cisco IOS Software, C800 Software (C800-UNIVERSALK9_NPE-M), Version 15.2(4)M4, RELEASE SOFTWARE


Solution for keeping certificate current is really simple, issue the following commands in config mode (conf term):
crypto pki trustpoint tunnelbroker
 enrollment url http://www.tunnelbroker.net:80
 revocation-check crl


These commands fetch tunnelbroker-certificate automatically and checks validity. I found this purely accidentally, when I tried to find easier way to manage site-certificate.
Logged