cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
332
Views
0
Helpful
2
Replies

Dynamic Crypto map & Defaultl2lGroup

taufeeq taufeeq
Beginner
Beginner

Dear All,

How many Defaultl2lGroups & dynamic crypto maps can be configured in a asa.

Why I need it?

Because all of our stores asa 5505 (having dynamic ip adresses) are connected to headend asa 5550 through dynamic vpn and headend has 2 ISPs.

Actually we have two lease lines one primary and other backup. Amazingly we have only one subnet inside. Now that primary link BW is fully occupied. I want to use the backup link too. I am wondering if I can have multiple dynamic crypto maps & multiple default tunnel groups . So that I can define servers in one vlan and users in other vlan. and with two dynamic crypto & default tunnel grps I am thinking to pass one subnet (part of 1st dynamic crypto & 1st defaut tunelgrp) and second subnet on the other link(2nd dynamic crypo & 2nd default tunel grp). By this way the user's vpn and internet trafic wil go through 1st link and servers vpn and internet traffic will go through second link at the same time both of the subnet vpn will have other link as backup for each other.

Please share possibilities.

Please share ur ideas.

Please help.

Thanks in Advance,

Regards,

taufeeq

1 Accepted Solution

Accepted Solutions

Hello Sr,

1 default policy

Up to 65535 crypto-map entries (Including statics and dynamics)

Remember to rate all of the helpful posts.

For this community that's as important as a thanks.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

2 Replies 2

taufeeq taufeeq
Beginner
Beginner

14 views but not a single reply yet

waiting..waiting,,...waiting....for responses

Regards,

taufeeq

Hello Sr,

1 default policy

Up to 65535 crypto-map entries (Including statics and dynamics)

Remember to rate all of the helpful posts.

For this community that's as important as a thanks.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers