08-02-2017 01:01 PM - edited 03-12-2019 02:46 AM
Hello,
I have a quick question.
Is it must to create two transformer sets for each crypto-map policies? or can I use already configured and being used in first crypto map transformer set to second crypto map policy? I have typed an example below.
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto map Outside-ATT1-crypto-map 1 match address ACL-1
crypto map Outside-ATT1-crypto-map 1 set peer 10.10.10.1
crypto map Outside-ATT1-crypto-map 1 set ikev1 transform-set ESP-AES-256-SHA
crypto map Outside-ATT1-crypto-map 1 set security-association lifetime seconds 28800
crypto ikev1 enable outside-ATT1
crypto map Outside-ATT-crypto-map interface outside-ATT1
-----------------------
crypto map Outside-ATT2-crypto-map 1 match address ACL-2
crypto map Outside-ATT2-crypto-map 1 set peer 10.10.10.2
crypto map Outside-ATT2-crypto-map 1 set ikev1 transform-set ESP-AES-256-SHA
crypto map Outside-ATT2-crypto-map 1 set security-association lifetime seconds 28800
crypto ikev1 enable outside-ATT2
crypto map Outside-ATT-crypto-map interface outside-ATT2
Thank you in advanced.
Anthonize
Solved! Go to Solution.
08-02-2017 05:52 PM
Hi
You can use
Regards
Dinesh Moudgil
P.S. Please rate helpful posts.
08-02-2017 05:52 PM
Hi
You can use
Regards
Dinesh Moudgil
P.S. Please rate helpful posts.
08-04-2017 07:12 AM
Thanks Dinesh.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: