ASA Crypto Map Question

Unanswered Question
Feb 17th, 2009

I have roughly 80 sites I need to configure for VPN. Do I have to specify a separate tunnel-group and crypto map sequence number for each? i.e.

site A:

crypto map CisoMap 111 match address 55

crypto map CisoMap 111 set peer 1.1.1.1

crypto map CisoMap 111 set transform-set CiscoXform

tunnel-group 1.1.1.1 type ipsed-l2l

tunnel-group 1.1.1.1 ipsec-attributes

pre-shared-key *

site B:

crypto map CisoMap 222 match address 55

crypto map CisoMap 222 set peer 2.2.2.2

crypto map CisoMap 222 set transform-set CiscoXform

tunnel-group 2.2.2.2 type ipsed-l2l

tunnel-group 2.2.2.2 ipsec-attributes

pre-shared-key *

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Ivan Martinon Tue, 02/17/2009 - 10:07

Your statement is correct, you need to define a separate crypto map (diff seq no and same name) for each vpn and a separate tunnel-group for each

DialerString_2 Tue, 02/17/2009 - 10:08

Imartino,

Hey thanks for the quick reply!!!!! I was editing my post when you responded.

Thanks again, Imartino.

Actions

This Discussion