04-21-2003 04:42 AM - edited 03-09-2019 02:58 AM
hello,
at the moment, i have a crypto-map configured on my outside interface,
where my vpns are defined with each sequence number...
crypto map x ...
crypto map x interface outside
now i want to configure pix for vpn_client
so i create a dynamic-map
crpyo dynamic-map y
and apply it with crypto map interface outside
will this one work ...
as far as i know you can apply only one crypto-map per interface...
Best Regards
04-21-2003 06:45 AM
You apply the dynamic map to the crypto map with a command like:
crypto map map-name 100 ipsec-isakmp dynamic dynamic-map
You can only apply one crypto map to an interface.
04-21-2003 06:49 AM
what i want to ask is, shortly
can i assign a crypto map (i.e. for site to site vpn) and a dynamic crypto map on the same interface?
TIA
04-21-2003 10:13 AM
yes you can apply both the site-to-site VPN and a remote VPN map to an interface. They have to have the same crypto map id.
For example:
crypto dynamic-map remote 20 set transform-set vpn3-set
crypto map vpn-map 20 ipsec-isakmp
crypto map vpn-map 20 match address 101
crypto map vpn-map 20 set peer xx.xx.xx.xx
crypto map vpn-map 20 set transform-set vpn3-set
crypto map vpn-map 100 ipsec-isakmp dynamic remote
crypto map vpn-map interface outside
Enjoy
04-21-2003 10:33 PM
in your example,
how is the dynamic map applied to the interface,
with
crypto map vpn-map interface outside...
where as your dynamic map name is remote??
04-22-2003 05:46 AM
yes exactly!! Sorry about leaving that out.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: