IOS IPSEC VPN tunnels to multi-point

v.kanjana · ‎06-19-2002

I have built VPN tunnel in the labs and implemented them successfully going over Internet by using two cisco 2621's ipsec IOS. But when i try to add one more node to my point-to-point VPN tunnel, I cannot get it to work. I even copy the configuration from Cisco "Configuring IPSec Between Three Routers Using Private Addresses". Any body know any main differences in the configuration from a point-to-point to point-to-multipoints, please advice, thanks.

vic.

awaheed · ‎06-19-2002

I am not sure if you are looking to do a Hub & Spoke or a Fully meshed. but presuming you are doing a Hub & Spoke you can look at the following link:

http://www.cisco.com/warp/public/707/ios_hub-spoke.html and see that for you to build another VPN tunnel just make sure to have a seperate instance of teh Crypto map applied and also a seperate Access-list defined which doesn't overlap with the first crypto traffic (defined in the First VPN tunnel traffic)

This should get you going,

Hope this helps,

Aamir Waheed

Cisco Systems, Inc.

-=-=-

v.kanjana · ‎06-20-2002

I mean to do Hub & Spoke, but I followed the Fully meshed article. Another grief i ran into, in the labs environment with three 2621 and one hub is that; It took a lot more details in defining the access-list, otherwise the access-list would get in the way of setting up the second spoke. In real life, the access-list would be more discret (easier). Thanks for the response.