hello, I use CCP for creating site-to-site VPNs on a Cisco router. I need to use network objects on my ipsec rule for having multiple hosts but the network objects are only available on the access rules through access editor.
On the encryption domain dialogue on site-to-site VPN wizzard the access rules I have created from Access Editor window are not listed. Should I associate the rules with the interface to be listed???
I manage to create a VPN using an access rule by just inserting the access rule (that is not associated to any interface) number, - it wasn't listed on the access rules when I clicked select from the existing rules - the VPN worked but then another issue came up.
The issue is that when I created a second VPN the way I described above the public IP of the router is unreachable. No ping/ssh etc. I recover it by shh on private and reload with the old config. While the public interface seems down the VPNs I have already configured are up and running.
Though the router is going down when a new s-to-s VPN is created by using an access rule if I create a VPN with the way is shown on the image below everything works fine.
http://www.cisco.com/image/gif/paws/112153/ccp-vpn-asa-router-config-24.gif
but with that way I cannot have multiple hosts for my VPN.