Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
346
Views
0
Helpful
1
Replies

multiple instances of dynamic vpn

ronshuster
Level 1
Level 1

‎01-04-2011 06:51 AM

We currently have a number of remote sites connecting to our head office using dynamic VPN (DefaultL2LGroup),

I would like to know if it is possible to have multiple instances of this, ie. have different groups with different properties (interesting traffic, key, etc.)

As far as I see on the IOS and online, there is only one instance of this available.

Labels:
0 Helpful
1 Reply 1

Ivan Martinon
Level 7
Level 7

‎01-04-2011 10:49 AM

The only possible way to have this would be to land each dynamic connection to a separate tunnel-group, and the only way to do this would be to use certificates as the ike negotiation rather than preshared key, with pki you can use a value of the cert to match it to a specific tunnel group or use the fqdn for tunnel group matching.

0 Helpful
Customers Also Viewed These Support Documents