Cisco 2811 vpn's to multiple cisco routers 1

[TChachra]

Hello All,

I have a Cisco 2811 which is currently set as a vpn server and allows group authentication locally and then user auth. via a Radius server. Works perfectly.

I have a Cisco 871W which connects to the 2811 via a remote vpn.

I will have a Cisco 2811 at another site.

I basically want all three routers to use SITE to SITE vpn's instead of the remote server. I want the remote server left alone for users using the cisco vpn client.

I went on the 871w and setup a site to site vpn. The same was done on the 2811. The tunnels will not come up. I have checked ipsec and all facets required. I just cannot get them to come up.

Is it possible that the 2811 can only have one tunnel or one type of tunnel on it? I mean if users can connect with the vpn client and the 871w can connect through the client on the router then why cant I create a site to site...?

Any ideas.

 

[JOAMON]

Without seeing the configs it is hard to say. You should be able with that router to have multiple tunnels at one time.

 

[Arisap]

the other possibility is to create a DM-VPN (Dynamic Multi Point VPN). there are docs on Cisco's web site on how to accomplish this. the nice thing about DM-VPN is that the tunnel from site to tisite is established when needed and then torn down when no traffic is traversing the VPN. It also gives you some flexibility to expand the VPN. Check it out.