I am testing to see how many IPSEC vpn tunnels you can place on a single outside interface of an ASA 5520 or whether each additonal vpn tunnel must be on separate interfaces nameif'd outside2, outside3, etc.
I had one working vpn on the initial outside interface [sh ipsec sa, sh isakmp sa]. I then created a second outside interface (outside2), a second crypto map, added the isakmp enable outside2 to the same policy 1 then created a second ACL. Both outside interfaces are wired up the two FA int on a single upstream router.
Result:
I get EIGRP errors; EIGRP can't find host and lists the IP address of its upstream /30 interface. The outside interfaces have extended ip any any and associated access groups to remove any doubt.
Any insight on the best practices to setup more than one IPSEC vpn tunnel on an ASA 5520?