3005 concentrator multiple SAs

I'm new to the 3005, so forgive me if I have a stupid question. I can set up a LAN-to-LAN IPsec with no problem, but I can't figure out how to route another SA or subnet across that same IKE policy/tunnel. When I tried to add another L2L, it says that you can only use the peer once. On a PIX you just add an access list for each data pattern that you want to go across the tunnel.

Any help would be appreciated.


Michael Letchworth

Under your L2L config:

Configuration | Tunneling and Security | IPSec | LAN-to-LAN

Change the local and/or remote networks to a network list (you define network lists under Configuration | Policy Management | Traffic Management | Network Lists).

A network list defines which networks "route" over the tunnel.

You will need to make them the same on each peer concentrator...

So if one concentrator is only sourcing one subnet, it can still have a subnet/wildcard mask under the "local network part of the LAN-to-LAN config" and its remote network peer will be a network list. You can also use a network list on both sides of the LAN-to-LAN connection, where each side has multiple networks that the peer needs to know.

