Hi,

I'm trying to configure multiple WebVPN gateways on one router using one front door VRF and multiple back door VRF's. Think of this like a cloud service provider with several customers using different VRFs and one Internet VRF used for the incoming connections for the remote users.

Doing so, several scenarios arise:

Using one gateway and several context with a seperate VRF for each.

Please let me know if I am wrong here:

I can only assign one trustpoint because I only have one gateway. This means that all users connecting can only use one domain name like "*.isp.com". This also implies the use of a wildcard certificate.

Using several gateways and several context with a seperate VRF for each.

I can only assign multiple trustpoints because I only have one gateway. This means that users connecting can use multiple domains name like "webvpn.clientA.com" and "webvpn.clientB.com".

I would prefer the first situation but then I run into a second problem:

There are several commands related to hostname and up till now I have not figured out which one does exactly what:

ROUTER(config)#webvpn gateway WEB_GW
ROUTER(config-webvpn-gateway)#hostname

ROUTER(config)#webvpn context CUST1_CT

ROUTER(config-webvpn-context)#gateway WEB_GW domain

ROUTER(config-webvpn-context)#gateway WEB_GW virtual-host

Is there anyone who can explain to me what exactly does what?

My personal guest is that I only need to configure the virtual-host like this" CUST1_CT -> virtual-host cust1.isp.com and CUST2_CT -> virtual-host cust2.isp.com". But I'm not sure about this and up till now I have not found any documentation that describes this very clearly.