Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
662
Views
0
Helpful
1
Replies

Site to site vpn SA520

brianedmond
Level 1
Level 1

‎04-08-2011 06:46 PM

I have an SA520W and have a working site-to-site vpn between my site and a peer IP.  The site-to-site is setup to a subnet on the remote end which is 10.23.x.x.  I only have access to a few host on the remote network. 

However I now need to setup a second vpn connection to the same network.  This is to a different subnet 175.31.x.x.  When I try to add the new configration which is effectively a duplicate of my existing setup with a new subnet I get the error:

  "Can't share IKE policy with different remote/local endpoint"

Is there a way to do what I require with the SA520W?

Thanks,

Brian

Labels:
0 Helpful
1 Reply 1

andamani
Cisco Employee
Cisco Employee

‎04-09-2011 06:27 PM

Hi,

I understand that you have a site to site tunnel between SA520 and other end.

Form you end you have allowed 10.23.x.x network to a few hosts on the other end.

Now you want to allow 175.31.x.x network from you end to access a same few hosts on the other end.

if the above senario is correct, then why are you creating a new tunnel. Just add the traffic in the interseting traffic. that is more than sufficient.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

0 Helpful
Customers Also Viewed These Support Documents