troubleshooting Question

ASA5505 Cryto Map sequence number explanation

Avatar of mmurraynet
mmurraynetFlag for United States of America asked on
CiscoInternet Protocol Security
1 Comment1 Solution649 ViewsLast Modified:
I am setting up a site-to-site VPN between an ASA550 and a 1721 and have a question on the ASA config. I am configuring the crypto map below but don't understand the sequence numbers. I read the Cisco command reference explanation but it's still not clear to me. Should I configure as such:

crypto map VPN_MAP 10 match address TRAFFIC_TO_REMOTE
crypto map VPN_MAP 10 set peer 171.22.55.2
crypto map VPN_MAP 10 set transform-set AES_SHA

or like this:

crypto map VPN_MAP 10 match address TRAFFIC_TO_REMOTE
crypto map VPN_MAP 20 set peer 171.22.55.2
crypto map VPN_MAP 30 set transform-set AES_SHA

What's the difference?
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 1 Answer and 1 Comment.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros