07-16-2008 11:32 AM - edited 02-21-2020 03:49 PM
I'm able to successfully create two different ipsec tunnels and I need them to both be operational at the same time. However, when I "crypto map" to the outside (physical) interface of my PIX 515, only one of them is operational at once. The tunnels go to two different locations, different peers and different shared keys. Do I need to setup a logical interface and map to that for each or what? Any help is appreciated. I apologize if I didn't spend enough time searching the forum for a answer, but I did try :-). If you could point me to a configuration example for this, that'd be great. Thanks in advance for your help.
Mike
Solved! Go to Solution.
07-16-2008 11:50 AM
use different sequence-numbers for different vpns.
crypto map outside_map 10 match address outside_10_cryptomap
crypto map outside_map 10 set peer 192.168.10.10
crypto map outside_map 10 set transform-set ESP-3DES-SHA
crypto map outside_map 20 match address outside_20_cryptomap
crypto map outside_map 20 set peer 192.168.20.20
crypto map outside_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map interface outside
07-16-2008 11:50 AM
use different sequence-numbers for different vpns.
crypto map outside_map 10 match address outside_10_cryptomap
crypto map outside_map 10 set peer 192.168.10.10
crypto map outside_map 10 set transform-set ESP-3DES-SHA
crypto map outside_map 20 match address outside_20_cryptomap
crypto map outside_map 20 set peer 192.168.20.20
crypto map outside_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map interface outside
07-16-2008 02:28 PM
that's it exactly. thank you very much for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide