Hi,
I'm trying to configure multiple WebVPN gateways on one router using one front door VRF and multiple back door VRFs. Think of this like a cloud service provider with several customers using different VRFs and one Internet VRF used for the incoming connections for the remote users.
Doing so, several scenarios arise:
Using one gateway and several contexts with a separate VRF for each.
Please let me know if I am wrong here:
I can only assign one trustpoint because I only have one gateway. This means that all users connecting can only use one domain name like "*.isp.com". This also implies the use of a wildcard certificate.
Using several gateways and several contexts with a separate VRF for each.
I can only assign multiple trustpoints because I only have one gateway. This means that users connecting can use multiple domain names like "webvpn.clientA.com" and "webvpn.clientB.com".
I would prefer the first situation but then I run into a second problem:
There are several commands related to hostname and up till now I have not figured out which one does exactly what:
ROUTER(config)#webvpn gateway WEB_GW
ROUTER(config-webvpn-gateway)#hostname
ROUTER(config)#webvpn context CUST1_CT
ROUTER(config-webvpn-context)#gateway WEB_GW domain
ROUTER(config-webvpn-context)#gateway WEB_GW virtual-host
Is there anyone who can explain to me what exactly does what?
My personal guess is that I only need to configure the virtual-host like this: "CUST1_CT -> virtual-host cust1.isp.com and CUST2_CT -> virtual-host cust2.isp.com". But I'm not sure about this and up till now I have not found any documentation that describes this very clearly.