I have 2 tunnels that work fine. I tried adding a third tunnel. When I go to test it in packet tracer I get a failure at the second vpn lookup which is encryption. When packet tracing the other two tunnels, they look identical except they don't fail. I did this in asdm. I then pulled the config and compared the new tunnel with the old ones, and they are all parallel, so this makes no sense.
Both tunnels go to the same peer IP 18.104.22.168 The only difference is the interesting traffic. There's no need to create two tunnels (in fact it would not work) What you need is to create a single tunnel to the peer 22.214.171.124 and have the crypto ACL with both connections
So for instance only this tunnel: crypto map outside_map 2 match address outside_cryptomap crypto map outside_map 2 set peer 126.96.36.199 crypto map outside_map 2 set transform-set ESP-AES-128-SHA crypto map outside_map 2 set security-association lifetime seconds 86400
access-list outside_cryptomap extended permit ip host 192.168.1.50 host 10.1.1.37 access-list outside_cryptomap extended permit ip host 192.168.1.51 host 10.1.1.37
And get rid of the configuration for the other tunnel.
It should work because I'm specifying interesting traffic from another server even if the endpoint is t
echnically the same IP, it is located at another location, so the two are mutually exclusive private IP's. But just for the sake of difference I changed it so they're different, but still same problem.
Tunnel 192.168.1.50 to 10.1.1.37 works, peer 188.8.131.52
I created another tunnel 192.168.1.51 to 10.1.1.36 not working, peer 184.108.40.206
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :