Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN site to site

Hi

I am trying to establish a VPN site to site from a PIX to a firewall Nortel.

I have configured a VPN using IPSec between the PIX and a VPN Client. When I include the commands into the PIX to create the VPN Site to Site, it blocks my connection by VPN Client. It has different isakmp priority and different crypto map name.

Thanks,

Carolina

2 REPLIES
Gold

Re: VPN site to site

only one crypto map can be applied on a single interface, and usually this is the outside interface.

however, you may create another instance under the same crypto map.

e.g.

crypto map myvpn 10 ipsec-isakmp

crypto map myvpn 10 match address 110

crypto map myvpn 10 set peer 1.1.1.2

crypto map myvpn 10 set transform-set vpnset

crypto map myvpn 20 ipsec-isakmp dynamic dynmap

instance 20 is for the remote vpn client software; whereas instance 10 is for the lan-lan vpn.

New Member

Re: VPN site to site

Thank you.

131
Views
5
Helpful
2
Replies