08-02-2017 01:01 PM - edited 03-12-2019 02:46 AM
Hello,
I have a quick question.
Is it must to create two transformer sets for each crypto-map policies? or can I use already configured and being used in first crypto map transformer set to second crypto map policy? I have typed an example below.
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto map Outside-ATT1-crypto-map 1 match address ACL-1
crypto map Outside-ATT1-crypto-map 1 set peer 10.10.10.1
crypto map Outside-ATT1-crypto-map 1 set ikev1 transform-set ESP-AES-256-SHA
crypto map Outside-ATT1-crypto-map 1 set security-association lifetime seconds 28800
crypto ikev1 enable outside-ATT1
crypto map Outside-ATT-crypto-map interface outside-ATT1
-----------------------
crypto map Outside-ATT2-crypto-map 1 match address ACL-2
crypto map Outside-ATT2-crypto-map 1 set peer 10.10.10.2
crypto map Outside-ATT2-crypto-map 1 set ikev1 transform-set ESP-AES-256-SHA
crypto map Outside-ATT2-crypto-map 1 set security-association lifetime seconds 28800
crypto ikev1 enable outside-ATT2
crypto map Outside-ATT-crypto-map interface outside-ATT2
Thank you in advanced.
Anthonize
Solved! Go to Solution.
08-02-2017 05:52 PM
Hi
You can use
Regards
Dinesh Moudgil
P.S. Please rate helpful posts.
08-02-2017 05:52 PM
Hi
You can use
Regards
Dinesh Moudgil
P.S. Please rate helpful posts.
08-04-2017 07:12 AM
Thanks Dinesh.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide