Re: VPN ISSUE !!

From: Jordan (zdh1207@gmail.com)
Date: Mon Oct 13 2008 - 03:34:27 ART

• Next message: Osamah Shaheen: "RE: OSPF Question, how to prefer inter area routes, over intra"
• Previous message: Reza Toghraee: "RE: OSPF Question, how to prefer inter area routes, over intra"
• Maybe in reply to: Ovais Iqbal: "VPN ISSUE !!"
• Next in thread: Bogdan Sass: "Re: VPN ISSUE !!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Dear,
Try this:
crypto map mymap 10 ipsec-isakmp
 mat address 101
 set peer 1.1.1.1
 set transform-set sample

crypto map mymap 20 ipsec-isakmp
 mat address 101
 set peer 2.2.2.2
 set transform-set sample

2008/10/13 Ovais Iqbal <ovais.iqball@yahoo.com>:
> Hello all, i am deploying VPN in my environment but face this strange issue, but first look at my scenario.
>
> I have 2 routers with 2 links to each other, 1 DSL and other Wimax. On both routers i have formed GRE tunnels lets name them tunnel 1 and tunnel 2. I am running ospf and have adjusted the cost such that tunnel 1 is primary and tunnel 2 is backup. so far everything is running fine. Now i want to deploy simple site to site vpn such that, when tunnel 1 is up VPN is formed between link 1, and when tunnel 1 is down and tunnel 2 is up VPN is formed between link 2. but i dont know how to do it, see following config
>
> tunnel 1 (Wimax) destination is lets say 1.1.1.1
> tunnel 2 (DSL) destination is 2.2.2.2
>
>
> crypto map mymap 10 ipsec-isakmp
> mat address 101
> set peer 1.1.1.1
> set peer 2.2.2.2
> set transform-set sample
>
> Now you can see the issue, crypto map doesnt care which tunnel my traffic is going through, it will make peer with 1.1.1.1 and thats all !!!, i want it to make vpn tunnel with both the peers that is 1.1.1.1 and 2.2.2.2, how can i do it ??? if this is not possible then suggest me what else to do, i know its a very common scenario there should be some solution to it,
>
> Kindly help me out in this
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
-----------------------------------------------------
UE6,:#
11>)O~M(MxBg MxBg9$3LJ&
5g;0#:(010)62108782
JV;z#:13907556613
5XV7#:11>)JP:#5mGxVP9X4eDO4s=V<W18:E11>)9z<J4sOCAWy52c
SJ1`#:100081
Blogs and organic groups at http://www.ccie.net

• Next message: Osamah Shaheen: "RE: OSPF Question, how to prefer inter area routes, over intra"
• Previous message: Reza Toghraee: "RE: OSPF Question, how to prefer inter area routes, over intra"
• Maybe in reply to: Ovais Iqbal: "VPN ISSUE !!"
• Next in thread: Bogdan Sass: "Re: VPN ISSUE !!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Nov 01 2008 - 15:35:20 ARST