Multiple Site-to-Site VPNs on a Cisco 831?

Unanswered Question
Aug 17th, 2007
User Badges:

I have one function site-to-site VPN tunnel on my Cisco 831. I want to add another one using the same external IP address. Is this possible or do I have to start hunting for a second Cisco 831 or a different device which allows multiple site-to-site VPNs on the same interface?


Thanks so much,


Brian

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Tshi M Fri, 08/17/2007 - 09:23
User Badges:
  • Silver, 250 points or more

I am not sure but using different sequence number should do the trick.

brianprice Fri, 08/17/2007 - 11:41
User Badges:

I am not familiar with sequencing configurations. Do you have an example which would allow me to virtualize the same interface fro two separate end-client peer addresses? For example, once I configurate the crypto map group and apply it to the interface, I can not apply the second crypto map statement to the interface. It only allows one at a time.

Tshi M Fri, 08/17/2007 - 11:48
User Badges:
  • Silver, 250 points or more

crypto ipsec transform-set MYVPNSITES esp-3des esp-md5-hmac

crypto map MYMAP 20 ipsec-isakmp

crypto map MYMAP 20 match address NY-LA

crypto map MYMAP 20 set peer X.X.X.X

crypto map MYMAP 20 set transform-set MYVPNSITES

crypto map MYMAP 30 ipsec-isakmp

crypto map MYMAP 30 match address NY-CHI

crypto map MYMAP 30 set peer Y.Y.Y.Y

crypto map MYMAP 30 set transform-set MYVPNSITES


The trick is to use the same crypto map but with different numbers (i.e. 20, 30, 40, etc)



Actions

This Discussion