07-07-2015 11:26 PM - edited 02-21-2020 08:20 PM
Is it possible to create multiple IPSEC tunnels (site-to-site or RemoteAccess) with only one ISAKMP policy?
07-08-2015 08:08 AM
Yes, as long as it matches the peer policies, you do not need multiple ISAKMP policies.
Regards,
Puneesh
If you find the answer helpful, please mark it as correct so others can benefit from the discussion.
07-09-2015 12:30 AM
Hi Puneesh
Is isakmp policy IDs or names have to be same on both sides .
#crypto isakmp policy 100
Does policy number 100 has to be same on another device or devices?
07-09-2015 12:32 AM
This is the isakmp policy sequence number and is only locally significant.
Numbers do not need to match on both ends.
07-09-2015 12:39 AM
So if in my ASA I created 5 isakmp policies and 10 remote sites or remote vpn users , so they have to search my ASA in order to find isakmp policy that matches their's. Is this correct?
07-09-2015 12:41 AM
Yes, they search from top to bottom.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
