Cisco Support Community
Community Member

VPN on more than 1 interface

Is that possible to apply the VPN to more than one interface?

We have a scenario where the PIX firewall is already configured with PIX to PIX VPN (on outside interface) and we need the support people to come in from one of the DMZ, which uses the company dial in facilities and still use VPN client. The reason why the support people needs vpn is because we don't want to allow the whole dial in subnets because it is dynamically allocated and we can't tightenit by ACL.

Again, many thanks in advance.


Re: VPN on more than 1 interface

If all that you trying is to allow traffic from the DMZ to pass through the VPN tunnel, the same can be done by adding the network that you want to tunnel to the access-list. Then, you'll need to set up a conduit so you can allow that traffic to come in on the inside interface. If on the other hand you are trying to build two tunnels originating from two different interfaces, I think that can be done too. You need to ensure that you are using a version that allows crypto map to be applied to any active interface.

CreatePlease to create content