L2L VPN connection-type with multiple peers in both sides
Hi tech guys. We have a problem with the connection-type (aka vpn initiator) due to we have two peers (two isp) in both sides of the vpn tunnel...
We need to find a way to can get a one-way initiator vpn. That's easy with only one side with dual isp, dual isp side is answer-only and the single isp side is originate-only, but it become a problem when the single isp side upgrades to dual isp.
It's possible to add a second crypto map setting for the same traffic, the same encryption, but different policy and peer and also as ANSWER-ONLY?
Cryto map for the first peer...
crypto map outside_map 20 match address outside_20_cryptomap (Same traffic)
crypto map outside_map 20 set connection-type answer-only
crypto map outside_map 20 set peer xxx.xxx.xxx.xxx (Primary ISP for the remote side)
crypto map outside_map 20 set transform-set ESP-3DES-SHA
Cryto map for the second peer...
crypto map outside_map 25 match address outside_20_cryptomap (Same traffic)
crypto map outside_map 25 set connection-type answer-only
crypto map outside_map 25 set peer xxx.xxx.xxx.xxx (Second ISP for the remote side)
crypto map outside_map 25 set transform-set ESP-3DES-SHA
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...