04-19-2005 11:07 PM - edited 02-21-2020 12:05 AM
Hi, pls provide assistance if one has a requirement to configure multiple L2TP clients then how does one associate the new L2TP vpdn group with the crypto map
Regards
Lincoln
04-20-2005 10:12 PM
Hi,
L2TP tunnel is mjtually exclusive than IPSEC tunnel, Though the VPDN commands in "sh run" come after ISAKMP commands .
You cannot associate L2TP with crypto maps, crypto maps are only used for IPSEC tunnels. but if there are already existing VPDN commands for a tunnel, then you can add more VPDN commands, if you want.
pls update for further queries
regards
aashish C
04-21-2005 02:00 AM
Hi Aashish,
I've heeded your advice & configured the 2nd vpdn parameters.
My question is that once the client authenticates using username Hanuman & password how does the pix know which dialer pool to associate this user with.
I've attached a copy of both vpdn group configs.Group L2TP-VPDN-GROUP was previously configured & works.
Group L2TP-VPDN-GROUP-BCX is the new group.
vpdn group L2TP-VPDN-GROUP accept dialin l2tp
vpdn group L2TP-VPDN-GROUP ppp authentication chap
vpdn group L2TP-VPDN-GROUP client configuration address local CISCO
vpdn group L2TP-VPDN-GROUP client authentication local
vpdn group L2TP-VPDN-GROUP l2tp tunnel hello 60
vpdn group L2TP-VPDN-GROUP-BCX accept dialin l2tp
vpdn group L2TP-VPDN-GROUP-BCX ppp authentication chap
vpdn group L2TP-VPDN-GROUP-BCX client configuration address local Mataj1
vpdn group L2TP-VPDN-GROUP-BCX client authentication local
vpdn group L2TP-VPDN-GROUP-BCX l2tp tunnel hello 60
vpdn username Mother password ********
vpdn username Hanuman password *******
vpdn enable outside
I appreciate your assistance ...
Regards
Lincoln
04-21-2005 05:31 PM
Hi,
as the user will authenticate himself with "Hanuman" , as it is listed under VPDN group L2TP-VPDN-GROUP-BCX so "Mataj1" pool will be used. not the "CISCO" pool.
pls update for any other query
regards
aashish C
04-21-2005 07:13 PM
Hi,
this is exactly the question we are asking ourselves. How does the pix know which username is associated to which pool.
The vpdn username when created does not allow one to associate it with an ip pool ...
Regards
Lincoln
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide