Cisco 1811 set VPN to tunnel to originate only

Posted on 2008-10-16
Last Modified: 2008-10-20
Here's a weird one. I have a PIX 515 (running 7.2) behind a PowerLink 100 in NY. In AR I've got a Cisco 1811w running 12.3. I need to set the Cisco 1811w in AR to originate only.
Normal I believe the command is just
crypto map <cryptomapname> set connection-type originate-only
but for some reason it's not taking. When I check out the available commands after set connection-type isn't one of them.
What am I missing?
Question by:bagbazaar
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 10

Expert Comment

ID: 22736386
It's a PIX specific command, won't work on the 1811.

Put this in the PIX instead...

crypto map <cryptomapname> <[optional]seq num> set connection-type originate-only answer-only

Author Comment

ID: 22740567
There is no equivalent for IOS then?
LVL 10

Accepted Solution

kyleb84 earned 125 total points
ID: 22754044
I've never come across such a command for the IOS, and I've looked through the qute a few Crypto docs for IOS.

No such luck.

What is your desired outcome?

You want the AR 1811 to only initiate the Tunnel when required, but the NY ASA is not allowed?

Author Comment

ID: 22758904
Desired result is that the Cisco 1811 originate only and the PIX answer only. Think I accomplished it by just setting the PIX to answer. Thanks.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Telco & Point to Point Internet VPN 3 123
2012 r2 branch office DNS 2 73
Computer Boot Up Time can be 30 minutes, please help with any recommendations? 10 123
Ping in Fortigate 2 60
Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question