Solved: Many thanks Marius

mahesh18 · ‎02-19-2016

Hi everyone,

I need to create 5 ipsec l2l tunnels to remote sites.

Need to confirm i can only use single ASA physical interface to do this?

Regards

MAhesh

Marius Gunnerud · ‎02-20-2016

You only need 1 interface for this, and it is a very common practice. just define the same crypto map for all the l2l vpns but under different sequence numbers...for example:

crypto map testmap 5 match address <crypto ACL>

crypto map testmap 5 set ikev1 transform-set <transform-set name>

crypto map testmap 5 set peer <first l2l peer public IP>

crypto map testmap 10 match address <crypto ACL>

crypto map testmap 10 set ikev1 transform-set <transform-set name>

crypto map testmap 10 set peer <second l2l peer public IP>

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

Marius Gunnerud · ‎02-20-2016