Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
633
Views
0
Helpful
3
Replies

Cisco 800 : Configuring IPsec LAN-to-LAN tunnel and VPN remote access on each "side"

Go to solution
ndespature
Level 1
Level 1

‎03-17-2020 10:27 AM

Hello,

I would like to know if it is possible to configure VPN remote access on both sites of a IPSec tunnel ?

Currently 2 sites are connected via L2L Ipsec tunnel. Teh tunnnel is restriceted to the use of 2 backup syustèmes on each side. Due to the recent situation, we need to cofnigure remote access on both sites. Both sites are dedicated to separate (but nontheless sister) companies and DSL lines on both sites are rather weak. 2 reason why I cannot expand the use of the L2L tunnel.


I'm using configurations similar to https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/46242-lan-to-lan-vpn-client.html on each cisco 867VAE routers but I can only get the remote access OR the L2L to "work". Do you have any idea to have this problem solved ?


Thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ndespature
Level 1
Level 1
In response to ndespature

‎03-19-2020 06:51 AM

I actually I managed to solve this problème with an IPSec VPN remote access on router B.

 

If someone else has the issue, please make sure that the crypto dynmaps priority are higher than the static crypto maps. That should do the trick.

 

Thanks to the people who have answered this thread.

 

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rob Ingram
VIP
VIP

‎03-17-2020 10:31 AM

Hi,

Yes this is possible. You can use FlexVPN which supports Site-to-Site and Remote Access VPN on the same cisco router.

 

Example of Remote Access VPN here.

 

HTH

0 Helpful

Go to solution
ndespature
Level 1
Level 1
In response to Rob Ingram

‎03-19-2020 01:39 AM - edited ‎03-19-2020 01:46 AM

Thank you RJI.

I'll have a look at the flexVPN solution you've linked. But I was wondering : doesn't  Anyconnect request licences now (for more than 2 users)?

 

Here is what I'm trying to achieve :

 

(VPN remote clients)------[router A]=====L2L Ipsec Tunnel=====[Routeur B]-------(VPN Remote clients)

 

Actually I already have 1 IPSec VPN Remote access currently working on router A. But when I try to configure another IPSec remote access on router B, I loose L2L access...

 

 

0 Helpful

Go to solution
ndespature
Level 1
Level 1
In response to ndespature

‎03-19-2020 06:51 AM

I actually I managed to solve this problème with an IPSec VPN remote access on router B.

 

If someone else has the issue, please make sure that the crypto dynmaps priority are higher than the static crypto maps. That should do the trick.

 

Thanks to the people who have answered this thread.

 

0 Helpful
Customers Also Viewed These Support Documents