Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

I need help setting up VPN clients (software)

Status
Not open for further replies.
ianbla

ianbla

IS-IT--Management
Oct 31, 2001
156
GB
We already have a VPN to a customer site which is on the outside iunterfac. In the documentation to set up a software client it tells you to apply the following command "crypto map mymap interface outside" as soon as I do this the existing customer link is lost and poeple are nasty to me and shout, how can I stop them shouting at me and get both working, I must be missing something.

Many thanks
 
Sort by date Sort by votes
You can only apply one cryptomap to an interface so if you rename the cryptomap it will drop all current tunnels. What you need is a different instance of the tunnel so if you currently have let´s say crypto map anymap 10 ... you will need crypto map anymap 20 ... for the new crypto commands. However, if you configure an incomplete crypto map all traffic will be encrypted and you will loose connection to the Internet, to avoid this issue it is recommended to disable the crypto map from the interface, configure the new tunnel and then enable the crypto map on the interface again. Of course this will disrupt current tunnels so you may want to do it at a time where no tunnles are used.
 
Upvote 0 Downvote
Thanks for the heads up.

I have just been told that I need to establish another VPN tunnel to a different customer. Am I right in saying that I can do this on the PIX515e and have seperate ACLS for the 2 links.
 
Upvote 0 Downvote
you need separate ACLs for interesting traffic you also need a different ACL to bypass NAT and as explained earlier you need a different instance of the crypto map.
 
Upvote 0 Downvote
Do you know if there is any good papers out there explaining all the differnt elements that make up the VPN connection

Transform set
dynamic map
crypto map

I find it a bit confusing.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
283
Sameer258
Sameer258
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
297
intel233
intel233
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
90
PauS0n
PauS0n
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
128
gkittelson
gkittelson
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
365
Shmid
Shmid

Part and Inventory Search

Sponsor

Back
Top