Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
259
Views
0
Helpful
1
Replies

Add Crypto map to an internal Interface...

pavlosd
Level 2
Level 2

‎04-15-2009 05:12 AM

Hi All,

Assume that we have a 2-interface router.

Assume Fa0 is connected to internet and Fa1 is connected to local Lan and both interfaces with public addresses. Is there a way to have crypto map to the internal interface insted of the public interface? I remember I saw somewhere examples of crypto map assigned on the loopback address.

Labels:
0 Helpful
1 Reply 1

Ivan Martinon
Level 7
Level 7

‎04-15-2009 06:45 AM

The crypto map has to be applied to he interface that receives the encrypted traffic, if your internal interface is going to receive that encrypted traffic then you will have no problem with that, however if the traffic is going to be received on the interface connected to the internet you need to apply the crypto map there. There is something else to do when you want to use another ip address than the one you have on the interface facing the internet, thatis the "local-address" feature, which allows you to use another ip address as the VPN source for identification.

crypto map local-address ifname

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents