02-03-2009 08:25 AM - edited 02-21-2020 04:08 PM
Good evening,
I should make a question about using crypto map.
Can I use a different crypto map for every lan-to-lan IpSec tunnel?
I ask this question because from my test my result was that I can use only a cypto map that will used by every tunnel.
Who can confirm or deny?
Any information that you can send me are welcomed.
Best Regards
--
Davide Sacca'
02-03-2009 09:20 AM
Hi Davide,
You can use a single crypto map per interface, meaning that if you are going to have lan to lan connections to your external interface you can only use a single crypto map, however you can use multiple crypto sequence numbers to differentiate each tunnel.
02-05-2009 05:12 AM
Good evening Ivan,
thanks very much for your reply, if I could have another doubt.
Should I apply a new crypto map to a "virtual" interface which I will create under the outside interface?
For example under the interface GigabitEthernet0/0.1
Best Regards
--
Davide Sacca'
02-05-2009 08:11 AM
You will ned to apply that crypto map on the interface where your default gateway is found, if this is found on that vlan interface, and that vlan interface is the outside then you would need to apply it there.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide