Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Basic PIX question

How many seperate VPN tunnels can you specify through crypto map statements?

7 REPLIES
Silver

Re: Basic PIX question

The data sheet specifies only the maximum number of tunnels simultaneously supported, ie the number of active tunnels. I believe the number of tunnels configured can exceed that number and is limited only by the size of the configuration file. You could refer to the data sheets to figure out the exact number of VPN tunnels simultaneously supported. http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_data_sheets_list.html

If you are looking for a configuration example, you can refer to the configuration example at http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093bd3.shtml. PIX 'Central' in the config example is configured for VPN with two remote destinations.

New Member

Re: Basic PIX question

Thank You. 1 more question for you, for multiple tunnels, do you need more than 1 IP address to terminate them on? Or can 1 address serve as the endpoint for multiple tunnels?

New Member

Re: Basic PIX question

Yes, 1 address should suffice. For example, if you have a PIX firewall terminating a tunnel from a VPN router in LA or SF, those two remote devices will be terminating on the 'outside' interface (one IP address) of the PIX.

New Member

Re: Basic PIX question

Once again thank you.

New Member

Re: Basic PIX question

sorry 1 more question came to mind. Is the 1 address

capable of terminating dfferent types of tunells? ie

VPN clients and static VPN hosts?

Silver

Re: Basic PIX question

it is not a problem to have one pix, on one address, terminate both site to site tunnels as well as dynamically addressed vpn clients

New Member

Re: Basic PIX question

Thanks

121
Views
0
Helpful
7
Replies
CreatePlease to create content