Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

You may experience some slow load times, errors, and slight inconsistencies. We ask for your patience as we finalize the launch. Thank you.

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started.

New Member

2 CRYPTO MAP WITH A SINGLE IPSEC PEER

hello,

is it possible to have 2 crypto map in a single ipsec peer?

(2 SUBNETS)PEER_A-------PEER_B(1 SUBNET)

see example below;

crypto map dyn-map 10 ipsec-isakmp

crypto map dyn-map 10 match address 110

crypto map dyn-map 10 set peer PEER_A

crypto map dyn-map 10 set transform-set myset

crypto map dyn-map 15 ipsec-isakmp

crypto map dyn-map 15 match address 120

crypto map dyn-map 15 set peer PEER_A

crypto map dyn-map 15 set transform-set myset

THIS IS BEACUSE IPSEC PEER B HAVE TO DO A VPN TUNNEL IN 2 DIFFERENT SUBNET WITH PEER B.

AM ASKING THIS BECAUSE AM GETTING ASEND ERROR ON SHOW IPSEC SA.

THANKS

  • Other Security Subjects
3 REPLIES
Silver

Re: 2 CRYPTO MAP WITH A SINGLE IPSEC PEER

I guess you cant do it even if you use different crypto instances. Wonder why you want to do it ?

New Member

Re: 2 CRYPTO MAP WITH A SINGLE IPSEC PEER

there are hosts in 2 different subnets in location A that users at location B wants to do VPN with.

Thanks.

New Member

Re: 2 CRYPTO MAP WITH A SINGLE IPSEC PEER

Yes you can achive this. Its working fine for me. My setup has got 20-25 subnets and also allwoing server /32 of different subnets.

Othere end vpn box is a third pary box, which needs different tunnels for each segments.

crypto map SDM_CMAP_1 1 ipsec-isakmp

set peer P.Q.R.S

set transform-set HOset

match address 101

crypto map SDM_CMAP_1 2 ipsec-isakmp

set peer P.Q.R.S

set transform-set HOset

match address 102

:

:

etc

:

interface FastEthernet0/1

description Interface Outside$FW_OUTSIDE$

ip address XX.XX.XX.XX

crypto map SDM_CMAP_1

132
Views
0
Helpful
3
Replies