Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

VPN Problem

Hi ,

We have a VPN setup wherein the OUTSIDE interface is the terminating point for VPN users connecting to our FTP servers using the VPN Client.This part of the VPN is working fine. The problem is that one site would not allow their users to use the Cisco VPN client and they suggested that we build a firewall t0 firewall VPN . They have a IBM firewall at their end . We were going to use IPSEC Pre Shared key . Although I am sure that might work... the probem comes in when both solutions have to be implemented . We tried using different crypto map's , but since only one map can be applied to the OUTSIDE interface .. we face a problem . I would appreciate any help in resolving this issue.

1 REPLY
Community Member

Re: VPN Problem

HI - create a single crypto map with 2 parts using different sequence numbers as below

crypto ipsec transform-set ENCRYPTION-PATH esp-des esp-md5-hmac

crypto dynamic-map outside_dyn_map 20 set transform-set ENCRYPTION-PATH

crypto map VPN 10 ipsec-isakmp

crypto map VPN 10 match address TO-site1

crypto map VPN 10 set peer 1.1.1.1

crypto map VPN 10 set transform-set ENCRYPTION-PATH

crypto map VPN 20 ipsec-isakmp dynamic outside_dyn_map

crypto map VPN interface outside

88
Views
0
Helpful
1
Replies
CreatePlease to create content