I'm in the process of moving my VPN environment to 2811 routers. I am moving one vendor over tomorrow that has two sources that need to connect to each of our IPs, these inside IPs are NAT'd to the real IPs at the firewall behind the router. I know I will find out tomorrow, but thought I would see if anyone saw a problem with this ACL used for the crypto map, would there be an issue having multiple sources (50.50.50.1 and .2 in file) connecting to same destinations? The IPs in this file are not the actual production IPs. Thanks.
If i understand you correctly, no it shouldn't be a problem at all. Each entry in your crypto map acl will create a separate pair of IPSEC SA's and there is no duplication.
Let me know if i have misunderstood your question.
If i understand you correctly, no it shouldn't be a problem at all. Each entry in your crypto map acl will create a separate pair of IPSEC SA's and there is no duplication.
Let me know if i have misunderstood your question.
Hey Jon, you understood correctly and confirmed what I thought. Thanks.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
