Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ASA5540 Ver7.2 VPN IPSec lan-to-lan

Good evening,

I should make a question about using crypto map.

Can I use a different crypto map for every lan-to-lan IpSec tunnel?

I ask this question because from my test my result was that I can use only a cypto map that will used by every tunnel.

Who can confirm or deny?

Any information that you can send me are welcomed.

Best Regards

--

Davide Sacca'

3 REPLIES

Re: ASA5540 Ver7.2 VPN IPSec lan-to-lan

Hi Davide,

You can use a single crypto map per interface, meaning that if you are going to have lan to lan connections to your external interface you can only use a single crypto map, however you can use multiple crypto sequence numbers to differentiate each tunnel.

Community Member

Re: ASA5540 Ver7.2 VPN IPSec lan-to-lan

Good evening Ivan,

thanks very much for your reply, if I could have another doubt.

Should I apply a new crypto map to a "virtual" interface which I will create under the outside interface?

For example under the interface GigabitEthernet0/0.1

Best Regards

--

Davide Sacca'

Re: ASA5540 Ver7.2 VPN IPSec lan-to-lan

You will ned to apply that crypto map on the interface where your default gateway is found, if this is found on that vlan interface, and that vlan interface is the outside then you would need to apply it there.

262
Views
0
Helpful
3
Replies
CreatePlease to create content