i've currently a site to site vpn with another cisco router with interface tunnels
i've such configuration:
interface Tunnel 22
ip address 10.1.1.1 255.255.255.252
tunnel source 22.214.171.124
tunnel destination 126.96.36.199
Now i want to add some other sites with Mikrotik
which is the best way to proceed?
i'm planning to create isakmp policy, crypto tranform set, crypto map...and finally, to apply the crypto map to outside interface, that is fa0/0
R1(config)#int fa 0/0
R1(config-if)#crypto map VPN_MAP
will it work??? or will it destroy the actual site to site that i've with tunnel 22?
There can only be one crypto map statement installed on an interface. There can be multiple sites and policies attached to that one crypto map.
Sent from Cisco Technical Support iPad App
But how to implement vpn with multiple sites, where in interface, could be applied only one crypto map???
could you please suggest some more details regarding your scenario...network topology and configuration?
Here is one site describing a setup where a single Crypto Map is used for L2L VPN and Client VPN (though in my opinion the Crypto Map name used in the configuration example could be missleading)
The key thing with Cisco routers as with ASAs with such setup is that you need to keep the
staments so that the "crypto map" statement meant for the VPN Clients (dynamic sessions) is kept at the very bottom by having a high value in the
I can't personally comment on the current connection with the Tunnel interface. I barely configure VPNs with Cisco routers. Most is done with ASAs and Routers mostly have L2L VPN connections only with Crypto Map configurations.
combination of VTIs and crypto map should work fine, I use this type of configuration all the time.
Please rate all helpful posts and close solved questions