Solved: Multiple Site-to-Site VPNs with PIX 6.3(5) Can it be done?!

PDEdwards · ‎09-19-2007

Hi

I've set up a VPN tunnel between two PIXes (eg PIX A and PIX B) running 6.3(5). This works fine. I then tried to add another VPN tunnel from PIX A to a new PIX C. This didn't work! It would appear that I can only assign one crypto map, and therefore one tunnel, to one phyical interface on PIX A. Is this right? I assumed you could run multiple VPN tunnels from a single physical interface.

Any advise gratefully recevied!

Regards

Paul

a.alekseev · ‎09-19-2007

You can use something like this

crypto map VPN-MAP 10 ipsec-isakmp

crypto map VPN-MAP 10 match address B-VPN

crypto map VPN-MAP 10 set peer b.b.b.b

crypto map VPN-MAP 10 set transform-set ESP-AES256-MD5

crypto map VPN-MAP 20 ipsec-isakmp

crypto map VPN-MAP 20 match address C-VPN

crypto map VPN-MAP 20 set peer c.c.c.c

crypto map VPN-MAP 20 set transform-set ESP-AES256-MD5

View solution in original post

a.alekseev · ‎09-19-2007