Cisco Support Community
Community Member

IOS IPSEC VPN tunnels to multi-point

I have built VPN tunnel in the labs and implemented them successfully going over Internet by using two cisco 2621's ipsec IOS. But when i try to add one more node to my point-to-point VPN tunnel, I cannot get it to work. I even copy the configuration from Cisco "Configuring IPSec Between Three Routers Using Private Addresses". Any body know any main differences in the configuration from a point-to-point to point-to-multipoints, please advice, thanks.


Cisco Employee

Re: IOS IPSEC VPN tunnels to multi-point

I am not sure if you are looking to do a Hub & Spoke or a Fully meshed. but presuming you are doing a Hub & Spoke you can look at the following link: and see that for you to build another VPN tunnel just make sure to have a seperate instance of teh Crypto map applied and also a seperate Access-list defined which doesn't overlap with the first crypto traffic (defined in the First VPN tunnel traffic)

This should get you going,

Hope this helps,

Aamir Waheed

Cisco Systems, Inc.


Community Member

Re: IOS IPSEC VPN tunnels to multi-point

I mean to do Hub & Spoke, but I followed the Fully meshed article. Another grief i ran into, in the labs environment with three 2621 and one hub is that; It took a lot more details in defining the access-list, otherwise the access-list would get in the way of setting up the second spoke. In real life, the access-list would be more discret (easier). Thanks for the response.

CreatePlease to create content