Can a PIX 501 handle both static and dynamic VPN at the same time?
I have a PIX 501 that is currently configured with a static IPSec tunnel to another remote site. This tunnel is verified as working properly. What I'd like to do is add VPN server functionality for me to remotely access the network. The configuration examples I've seen all included creating a dynamic crypto map...but since a static one is already in place, this poses a problem as only a single crypto map statement is allowed on an interface (unless I'm mistaken?). Anyone know an easy way around this?
Re: Can a PIX 501 handle both static and dynamic VPN at the same
You can only have one crypto map applied to an interface, but you can have multiple static IPSec tunnels because the crypto maps have sequence numbers. So, what you have to do is use the same crypto map that is already in place, but add another instance of that crypto map with a different sequence number.
For example you have:
crypto map yourmap 10....
You just add:
crypto map yourmap 20....
If you want to add another static IPSec tunnel, then you continue:
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...