09-19-2007 02:16 AM
Hi
I've set up a VPN tunnel between two PIXes (eg PIX A and PIX B) running 6.3(5). This works fine. I then tried to add another VPN tunnel from PIX A to a new PIX C. This didn't work! It would appear that I can only assign one crypto map, and therefore one tunnel, to one phyical interface on PIX A. Is this right? I assumed you could run multiple VPN tunnels from a single physical interface.
Any advise gratefully recevied!
Regards
Paul
Solved! Go to Solution.
09-19-2007 02:28 AM
You can use something like this
crypto map VPN-MAP 10 ipsec-isakmp
crypto map VPN-MAP 10 match address B-VPN
crypto map VPN-MAP 10 set peer b.b.b.b
crypto map VPN-MAP 10 set transform-set ESP-AES256-MD5
crypto map VPN-MAP 20 ipsec-isakmp
crypto map VPN-MAP 20 match address C-VPN
crypto map VPN-MAP 20 set peer c.c.c.c
crypto map VPN-MAP 20 set transform-set ESP-AES256-MD5
09-19-2007 02:28 AM
You can use something like this
crypto map VPN-MAP 10 ipsec-isakmp
crypto map VPN-MAP 10 match address B-VPN
crypto map VPN-MAP 10 set peer b.b.b.b
crypto map VPN-MAP 10 set transform-set ESP-AES256-MD5
crypto map VPN-MAP 20 ipsec-isakmp
crypto map VPN-MAP 20 match address C-VPN
crypto map VPN-MAP 20 set peer c.c.c.c
crypto map VPN-MAP 20 set transform-set ESP-AES256-MD5
09-19-2007 03:49 AM
Many Thanks - that's sorted it.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: