03-12-2004 07:38 AM - edited 02-20-2020 11:17 PM
How many seperate VPN tunnels can you specify through crypto map statements?
03-18-2004 08:32 AM
The data sheet specifies only the maximum number of tunnels simultaneously supported, ie the number of active tunnels. I believe the number of tunnels configured can exceed that number and is limited only by the size of the configuration file. You could refer to the data sheets to figure out the exact number of VPN tunnels simultaneously supported. http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheets_list.html
If you are looking for a configuration example, you can refer to the configuration example at http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093bd3.shtml. PIX 'Central' in the config example is configured for VPN with two remote destinations.
03-18-2004 01:12 PM
Thank You. 1 more question for you, for multiple tunnels, do you need more than 1 IP address to terminate them on? Or can 1 address serve as the endpoint for multiple tunnels?
03-19-2004 10:43 AM
Yes, 1 address should suffice. For example, if you have a PIX firewall terminating a tunnel from a VPN router in LA or SF, those two remote devices will be terminating on the 'outside' interface (one IP address) of the PIX.
03-19-2004 11:39 AM
Once again thank you.
03-19-2004 11:42 AM
sorry 1 more question came to mind. Is the 1 address
capable of terminating dfferent types of tunells? ie
VPN clients and static VPN hosts?
03-19-2004 12:09 PM
it is not a problem to have one pix, on one address, terminate both site to site tunnels as well as dynamically addressed vpn clients
03-19-2004 12:16 PM
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide