05-28-2003 11:41 PM - edited 02-21-2020 12:34 PM
Hi,
I have a situation where I have to add peers to my crypto map as and when there are new customers for our VPN service. When I try to edit my crypto map entries to add the new peer, the rest of the established tunnels are torn down. Looks like these devices remove the crypto map from the interface and apply it again when we edit it. Since we have dynamic environment where we need to create new IPSEC peers every now and then (through the same interface) what is the suggested solution to avoid downtime?
05-29-2003 04:51 AM
You may try to configure a dynamic crypto map, one that does not knows previously the ip address of its peers, and let authentication to a radius server. In that way, you only need to add one user to the radius server to enable a new peer to interact with you via vpn.
Hope to help,
05-29-2003 04:58 PM
This is a good idea! Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: