Solved: Multiple site-to-site vpn configuration

m.dehler · ‎07-16-2008

I'm able to successfully create two different ipsec tunnels and I need them to both be operational at the same time. However, when I "crypto map" to the outside (physical) interface of my PIX 515, only one of them is operational at once. The tunnels go to two different locations, different peers and different shared keys. Do I need to setup a logical interface and map to that for each or what? Any help is appreciated. I apologize if I didn't spend enough time searching the forum for a answer, but I did try :-). If you could point me to a configuration example for this, that'd be great. Thanks in advance for your help.

Mike

a.alekseev · ‎07-16-2008

use different sequence-numbers for different vpns.

crypto map outside_map 10 match address outside_10_cryptomap

crypto map outside_map 10 set peer 192.168.10.10

crypto map outside_map 10 set transform-set ESP-3DES-SHA

crypto map outside_map 20 match address outside_20_cryptomap

crypto map outside_map 20 set peer 192.168.20.20

crypto map outside_map 20 set transform-set ESP-3DES-SHA

crypto map outside_map interface outside

View solution in original post

a.alekseev · ‎07-16-2008