Solved

VPN Tunnel setup

Posted on 2014-11-15
2
196 Views
Last Modified: 2014-11-16
Hello everyone,

I have problem with a VPN tunnel setup. We have an ASA 5510 and we have setup VPN access for users from outside. It works fine. The problem comes  up when configuring Amazon VPN tunnel on it, and where Amazon instructs you to execute this command

crypto map amzn_vpn_map interface outside


once this is executed, VPN tunnel comes up, but our vpn users cannot connect anymore until we map again our crypto map to the iterface outside, which in turns brings the VPN tunnel to Amazon down.

The solution might be simple, but I am no expert.
0
Comment
Question by:tiki2014
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 22

Accepted Solution

by:
Matt V earned 500 total points
ID: 40445082
you can only apply one crypto map to the interface "outisde".  What you need to do is create the Amazon map config in your existing map using a new sequence number.

Here is an example.  Sequence 10 is the first crypto map and then 1000 is used for the secondary.

https://supportforums.cisco.com/discussion/9297751/applying-multiple-crypto-maps-interface
0
 

Author Closing Comment

by:tiki2014
ID: 40445868
Thanks,

That did the trick.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question