Greetings and thanks gor your quick reply. I feel puzzled in 2 things.
1.My current tunnel from central to site 1 is in subnet 10.0.0.X /255.255.255.252(i.e 10.0.0.1 and .2)
Can the new tunnel for site 2 be 10.0.0.3-4 or a new subnet e.g. 126.96.36.199-2 is required?
2. I run 'show startup config' and found 2 crypto isakamp policys. See below (i have removed the real ip addresses with x1, x2,x3). How can i check which one is currently used?
crypto isakmp policy 1
crypto isakmp policy 2
crypto isakmp key xxxxx address x1
crypto isakmp key xxxxx address x2
crypto isakmp key xxxxx address x3
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to x2
set peer x2
set transform-set ESP-3DES-SHA
match address 100
ip address 10.0.0.1 255.255.255.252
keepalive 1 3
tunnel source Dialer1
tunnel destination x2
ip address xxxxxx 255.255.255.0
ip access-group 107 in
ip nat outside
ip inspect SDM_MEDIUM out
dialer pool 2
no cdp enable
ppp authentication xxxx
ppp chap hostname xxxxx
ppp chap password 7 xxxxx
ppp pap sent-username xxxxxx password 7 xxxx
crypto map SDM_CMAP_1
I need to do this setup on an already configured router and my experience is basic so please be as descriptive as possible.
Again, thanks for your time :)