I have a router that is currently supporting a central office and a single crypto map vpn tunnel. It also supports a connection to a 3rd party network via a client initiated l2tp tunnel.
UPDATE: forgotten details: router 1841, with 12.4(15)T4
I have a need to begin supporting multiple branch office VPNs, so I wanted to implement dmvpn. I also wanted to clean up the config a little.
After switching to the new config, the l2tp tunnel was unable to connect. Other than cleaning up and reorganizing, I don't believe I changed what is being filtered, but I did switch from "allow established" to reflexive ACLs.
Also, I need to filter traffic from the 3rd party's tunnel from accessing our internal nets. Can an inbound ACL be applied to the Virtual-PPP interface, or do I need to block with outbound ACLs on our internal interfaces?
Configs (current-messy; new-clean) and error from l2tp connection attempt attached.