Hi there !
I have a working VPN setup (between a router and a PIX) based on crypto maps. For education's sake, I tried to replace the crypto map ny a tunnel interface on the router. Basically, it looks like this:
crypto map fw 101 ipsec-isakmp set peer X set transform-set vpn match address 101
has been changed to
crypto ipsec profile vpn set transform-set vpn interface Tunnel1 no ip address tunnel source FastEthernet0 tunnel destination X tunnel mode ipsec ipv4 tunnel protection ipsec profile vpn
The ISAKMP part is left unchanged, the relevant parameters look comparable. I'm aware that a route to the remote network is missing to make things work but the problem is that the tunnel doesn't come up (see "show ip int brief") so that the route is ignored.
What I'm wondering now is whether crypto maps and tunnel interfaces are just different notations for the same thing (which would make them interchangeable) or if they are completely different from each other. IOW: can I use tunnel interfaces with a PIX or just with another tunnel interface at the remote end?
TIA
fw