Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
388
Views
0
Helpful
4
Replies

Pix 515E L2TP

lincolnp1
Level 1
Level 1

‎04-19-2005 11:07 PM - edited ‎02-21-2020 12:05 AM

Hi, pls provide assistance if one has a requirement to configure multiple L2TP clients then how does one associate the new L2TP vpdn group with the crypto map

Regards

Lincoln

0 Helpful
4 Replies 4

aashish.c
Level 4
Level 4

‎04-20-2005 10:12 PM

Hi,

L2TP tunnel is mjtually exclusive than IPSEC tunnel, Though the VPDN commands in "sh run" come after ISAKMP commands .

You cannot associate L2TP with crypto maps, crypto maps are only used for IPSEC tunnels. but if there are already existing VPDN commands for a tunnel, then you can add more VPDN commands, if you want.

pls update for further queries

regards

aashish C

0 Helpful

lincolnp1
Level 1
Level 1
In response to aashish.c

‎04-21-2005 02:00 AM

Hi Aashish,

I've heeded your advice & configured the 2nd vpdn parameters.

My question is that once the client authenticates using username Hanuman & password how does the pix know which dialer pool to associate this user with.

I've attached a copy of both vpdn group configs.Group L2TP-VPDN-GROUP was previously configured & works.

Group L2TP-VPDN-GROUP-BCX is the new group.

vpdn group L2TP-VPDN-GROUP accept dialin l2tp

vpdn group L2TP-VPDN-GROUP ppp authentication chap

vpdn group L2TP-VPDN-GROUP client configuration address local CISCO

vpdn group L2TP-VPDN-GROUP client authentication local

vpdn group L2TP-VPDN-GROUP l2tp tunnel hello 60

vpdn group L2TP-VPDN-GROUP-BCX accept dialin l2tp

vpdn group L2TP-VPDN-GROUP-BCX ppp authentication chap

vpdn group L2TP-VPDN-GROUP-BCX client configuration address local Mataj1

vpdn group L2TP-VPDN-GROUP-BCX client authentication local

vpdn group L2TP-VPDN-GROUP-BCX l2tp tunnel hello 60

vpdn username Mother password ********

vpdn username Hanuman password *******

vpdn enable outside

I appreciate your assistance ...

Regards

Lincoln

0 Helpful

aashish.c
Level 4
Level 4
In response to lincolnp1

‎04-21-2005 05:31 PM

Hi,

as the user will authenticate himself with "Hanuman" , as it is listed under VPDN group L2TP-VPDN-GROUP-BCX so "Mataj1" pool will be used. not the "CISCO" pool.

pls update for any other query

regards

aashish C

0 Helpful

lincolnp1
Level 1
Level 1
In response to aashish.c

‎04-21-2005 07:13 PM

Hi,

this is exactly the question we are asking ourselves. How does the pix know which username is associated to which pool.

The vpdn username when created does not allow one to associate it with an ip pool ...

Regards

Lincoln

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card