yes, I tried to create two remote VPN tunnels terminating on the same ASA on one single outside interface.
The customer wanted to change vpn ip addresses (dhcp pool on the asa) to a different network address; My intention was simply creating another profile (.pcf file) by creating another remote VPN tunnel. I don't know if this is possible.
That way, I can have two VPN profile running; and the cusomter can switch to the new profile (new vpn address) as they wish.
Acutally i think i may make things more complicated than it really is...
Can I just simply chaning the ip pool address on the ASA (may be a few other code change..); and the vpn client would automatically getting the new ip addreess? Is this going to work?
For instance let's say that you have the following configuration:
ip local pool firstpool 192.168.0.10-192.168.0.15 tunnel-group firstgroup type ipsec-ra tunnel-group firstgroup general-attributes address-pool firstpool tunnel-group firstgroup ipsec-attributes pre-shared-key password1
To create another profile for remote clients, you can do the following:
ip local pool secondpool 192.168.1.10-192.168.1.15 tunnel-group secondgroup type ipsec-ra tunnel-group secondgroup general-attributes address-pool secondpool tunnel-group secondgroup ipsec-attributes pre-shared-key password2
You have one profile named firstgroup with password password1 and a second profile named secondgroup with the password passwowrd2
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :