two tunnels on one outside interface

Discussion in 'Network Security' started by alla19l, Aug 16, 2014.

  1. alla19l

    alla19l New Member

    2
    0
    1
    Hello, i have asa 5505 8.2
    I want to use two vpn tunnels at the same time.
    One is for cisco vpn client and one for android client (l2tp)



    In this configuration, alternately running one or another vpn

    crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac
    crypto ipsec transform-set trans esp-3des esp-sha-hmac
    crypto ipsec transform-set trans mode transport
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000

    crypto dynamic-map dyno 10 set transform-set trans
    crypto dynamic-map dyn1 1 set transform-set FirstSet
    crypto dynamic-map dyn1 1 set reverse-route

    crypto map vpn 65535 ipsec-isakmp dynamic dyno
    crypto map mymap 1 ipsec-isakmp dynamic dyn1
    crypto map vpn interface outside





    I tried to fix by making like this:

    crypto dynamic-map dyno 10 set transform-set trans
    crypto dynamic-map dyn1 1 set transform-set FirstSet
    crypto dynamic-map dyn1 1 set reverse-route

    crypto map outside_map 65534 ipsec-isakmp dynamic dyn1
    crypto map outside_map 65535 ipsec-isakmp dynamic dyno
    crypto map outside_map interface outside

    I attached two different crypto dynamic-map: dyno and dyn1 at one crypto
    map outside_map with different sequence numbers, the result - still at the
    same time I can not connect through the Cisco VPN Client, and with android
    phone (l2tp). Only connect via Cisco VPN Client.
     

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.