Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

How to configure only one end to initiate VPN?

PIX to PIX VPN working fine but I need to configure it in such a way that only the PIX1 is allowed to initiate the tunnel.

I tried removing the access-list on PIX 2 that is tied up to the crypto map but the VPN stops working.

Many thanks in advance.

Ben

1 REPLY
Cisco Employee

Re: How to configure only one end to initiate VPN?

You can configure one pix to accept dynamic vpn tunnel. That pix will only accept the connection and won't initiate.

Here is a sample configuration:

http://www.cisco.com/en/US/customer/products/sw/secursw/ps2308/products_configuration_example09186a0080094680.shtml

Hope this helps,

-Nairi

150
Views
0
Helpful
1
Replies
CreatePlease to create content