ASA Crypto Map Question

Unanswered Question
Feb 17th, 2009
User Badges:
  • Bronze, 100 points or more

I have roughly 80 sites I need to configure for VPN. Do I have to specify a separate tunnel-group and crypto map sequence number for each? i.e.


site A:

crypto map CisoMap 111 match address 55

crypto map CisoMap 111 set peer 1.1.1.1

crypto map CisoMap 111 set transform-set CiscoXform


tunnel-group 1.1.1.1 type ipsed-l2l

tunnel-group 1.1.1.1 ipsec-attributes

pre-shared-key *



site B:

crypto map CisoMap 222 match address 55

crypto map CisoMap 222 set peer 2.2.2.2

crypto map CisoMap 222 set transform-set CiscoXform


tunnel-group 2.2.2.2 type ipsed-l2l

tunnel-group 2.2.2.2 ipsec-attributes

pre-shared-key *


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Ivan Martinon Tue, 02/17/2009 - 10:07
User Badges:
  • Cisco Employee,

Your statement is correct, you need to define a separate crypto map (diff seq no and same name) for each vpn and a separate tunnel-group for each

DialerString_2 Tue, 02/17/2009 - 10:08
User Badges:
  • Bronze, 100 points or more

Imartino,


Hey thanks for the quick reply!!!!! I was editing my post when you responded.


Thanks again, Imartino.

Actions

This Discussion