09-19-2007 02:16 AM
Hi
I've set up a VPN tunnel between two PIXes (eg PIX A and PIX B) running 6.3(5). This works fine. I then tried to add another VPN tunnel from PIX A to a new PIX C. This didn't work! It would appear that I can only assign one crypto map, and therefore one tunnel, to one phyical interface on PIX A. Is this right? I assumed you could run multiple VPN tunnels from a single physical interface.
Any advise gratefully recevied!
Regards
Paul
Solved! Go to Solution.
09-19-2007 02:28 AM
You can use something like this
crypto map VPN-MAP 10 ipsec-isakmp
crypto map VPN-MAP 10 match address B-VPN
crypto map VPN-MAP 10 set peer b.b.b.b
crypto map VPN-MAP 10 set transform-set ESP-AES256-MD5
crypto map VPN-MAP 20 ipsec-isakmp
crypto map VPN-MAP 20 match address C-VPN
crypto map VPN-MAP 20 set peer c.c.c.c
crypto map VPN-MAP 20 set transform-set ESP-AES256-MD5
09-19-2007 02:28 AM
You can use something like this
crypto map VPN-MAP 10 ipsec-isakmp
crypto map VPN-MAP 10 match address B-VPN
crypto map VPN-MAP 10 set peer b.b.b.b
crypto map VPN-MAP 10 set transform-set ESP-AES256-MD5
crypto map VPN-MAP 20 ipsec-isakmp
crypto map VPN-MAP 20 match address C-VPN
crypto map VPN-MAP 20 set peer c.c.c.c
crypto map VPN-MAP 20 set transform-set ESP-AES256-MD5
09-19-2007 03:49 AM
Many Thanks - that's sorted it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide