Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
549
Views
0
Helpful
1
Replies

Question about LAN to LAN vpn

Reedik Leitsar
Level 1
Level 1

‎03-28-2012 11:41 AM

Hi to everyone,

I have a question about VPN, i have Cisco 1941(with security lic) and i have been asked to make a VPN with public IP addresses so there will be no info about internal networks. Other side has ASA 5520 and they provided me with 2 public IP addresses. i have done many different VPNs but this is first with public IP addresses and i cannot figure it out.

So here is the question:

1. How to do it ? (maybe some example)

2. Do i need two public IPs to do it ?

Labels:
0 Helpful
1 Reply 1

vincent.monnier
Level 1
Level 1

‎03-30-2012 02:18 AM

Hi,

May be you have been provided with 2 public IP addresses   because one is the failover for the other. In that case, you can

configure 2 vpn peer for the same crypto map.

crypto map MYVPN 1 ipsec-isakmp

set peer PUBIP_ONE

set peer PUBIP_TWO

set transform-set TRANSFORM-SET

match address 100

qos pre-classify

In that case, the router would try to negociate the VPN with the first IP and if it fails, it would try with the second.

If the tunnel traffic is initiate by the ASA, any of the two addresses that begin to negociate the tunnel would managed to negociate.

Vincent

0 Helpful
Customers Also Viewed These Support Documents