Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Multiple Site-to-Site VPNs with PIX 6.3(5) Can it be done?!

Hi

I've set up a VPN tunnel between two PIXes (eg PIX A and PIX B) running 6.3(5). This works fine. I then tried to add another VPN tunnel from PIX A to a new PIX C. This didn't work! It would appear that I can only assign one crypto map, and therefore one tunnel, to one phyical interface on PIX A. Is this right? I assumed you could run multiple VPN tunnels from a single physical interface.

Any advise gratefully recevied!

Regards

Paul

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Multiple Site-to-Site VPNs with PIX 6.3(5) Can it be done?!

You can use something like this

crypto map VPN-MAP 10 ipsec-isakmp

crypto map VPN-MAP 10 match address B-VPN

crypto map VPN-MAP 10 set peer b.b.b.b

crypto map VPN-MAP 10 set transform-set ESP-AES256-MD5

crypto map VPN-MAP 20 ipsec-isakmp

crypto map VPN-MAP 20 match address C-VPN

crypto map VPN-MAP 20 set peer c.c.c.c

crypto map VPN-MAP 20 set transform-set ESP-AES256-MD5

2 REPLIES

Re: Multiple Site-to-Site VPNs with PIX 6.3(5) Can it be done?!

You can use something like this

crypto map VPN-MAP 10 ipsec-isakmp

crypto map VPN-MAP 10 match address B-VPN

crypto map VPN-MAP 10 set peer b.b.b.b

crypto map VPN-MAP 10 set transform-set ESP-AES256-MD5

crypto map VPN-MAP 20 ipsec-isakmp

crypto map VPN-MAP 20 match address C-VPN

crypto map VPN-MAP 20 set peer c.c.c.c

crypto map VPN-MAP 20 set transform-set ESP-AES256-MD5

New Member

Re: Multiple Site-to-Site VPNs with PIX 6.3(5) Can it be done?!

Many Thanks - that's sorted it.

110
Views
0
Helpful
2
Replies