08-02-2019 04:00 PM
hi
i have a vpn on a router interface, which has a crypto map applied
i am building another link to the peer device and configuring the interface with new IPs
question is, can i place the same crypto under the new interface?
my understanding is that this should not impact anything, as there will be no routing happing to that interface until i switch the traffic from peer device
Solved! Go to Solution.
08-05-2019 01:49 PM
08-03-2019 02:06 AM
08-05-2019 09:52 AM
thanks for the reply
i think i didnt explain completely.
theres no change to the crypto map, the ACLs remain the same
I just have to apply it to a new interface that i created between the inside device that will forward all traffic and the router which is encrypting all traffic. once encrypted, traffic goes out the vpn device through the same interface, but since dst IP has changed, its routed differently, to the outside network, and eventually to the not-changed IPSEC peer...
I guess my question is, theres not going to be any impact during the pre-work, as i apply the same crypto map to the new interface?
08-05-2019 01:49 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide