Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Add Crypto map to an internal Interface...

Hi All,

Assume that we have a 2-interface router.

Assume Fa0 is connected to internet and Fa1 is connected to local Lan and both interfaces with public addresses. Is there a way to have crypto map to the internal interface insted of the public interface? I remember I saw somewhere examples of crypto map assigned on the loopback address.


Re: Add Crypto map to an internal Interface...

The crypto map has to be applied to he interface that receives the encrypted traffic, if your internal interface is going to receive that encrypted traffic then you will have no problem with that, however if the traffic is going to be received on the interface connected to the internet you need to apply the crypto map there. There is something else to do when you want to use another ip address than the one you have on the interface facing the internet, thatis the "local-address" feature, which allows you to use another ip address as the VPN source for identification.

crypto map local-address ifname

CreatePlease to create content