Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
480
Views
5
Helpful
2
Replies

ASA Crypto Map Question

DialerString_2
Level 3
Level 3

‎02-17-2009 10:05 AM

I have roughly 80 sites I need to configure for VPN. Do I have to specify a separate tunnel-group and crypto map sequence number for each? i.e.

site A:

crypto map CisoMap 111 match address 55

crypto map CisoMap 111 set peer 1.1.1.1

crypto map CisoMap 111 set transform-set CiscoXform

tunnel-group 1.1.1.1 type ipsed-l2l

tunnel-group 1.1.1.1 ipsec-attributes

pre-shared-key *

site B:

crypto map CisoMap 222 match address 55

crypto map CisoMap 222 set peer 2.2.2.2

crypto map CisoMap 222 set transform-set CiscoXform

tunnel-group 2.2.2.2 type ipsed-l2l

tunnel-group 2.2.2.2 ipsec-attributes

pre-shared-key *

Labels:
0 Helpful
2 Replies 2

Ivan Martinon
Level 7
Level 7

‎02-17-2009 10:07 AM

Your statement is correct, you need to define a separate crypto map (diff seq no and same name) for each vpn and a separate tunnel-group for each

DialerString_2
Level 3
Level 3
In response to Ivan Martinon

‎02-17-2009 10:08 AM

Imartino,

Hey thanks for the quick reply!!!!! I was editing my post when you responded.

Thanks again, Imartino.

0 Helpful
Customers Also Viewed These Support Documents