Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Multiple VPN's

I have two 515 Pix's in failover, I have successfully established one 3DES VPN with peer.

On adding the second cryptomap configuration (with different map ID, yet identical to first map details just different peer), to the host Pix, I seem to loose the connection to the internet. This connection is not restored unless I remove the second cryptomap config from the Pix. During the outage the interface appears to be up but I'm unable to browse the web.

Is there something I am missing when adding the second VPN config?

Does it matter whether the host Pix's are in failover?

2 REPLIES
Cisco Employee

Re: Multiple VPN's

Whenever you make changes to the crypto map, you should first un-apply the crypto map off the interface to avoid such situations happening.

Changing access-list for crypto, nat statements, policy, and anything that is related to the ipsec config could cause you to lock up the interface if you do not unapply the crypto map off the interface first.

no crypto map 'mapname' interface outside

no isakmp enable outside

Make your changes to the config, then re-apply the 2 commands.

Regards,

New Member

Re: Multiple VPN's

Many thanks, that did the trick.

Regards.

105
Views
0
Helpful
2
Replies
CreatePlease to create content