My router is configured to work as ezvpn server, site-to-site and l2tp/ ipsec gateway. This l2tp/ipsec is for mobile devices ( Windows mobile
2003 premium or 2005 ) which support by default l2tp/ipsec but not cisco vpn client.I have no problem with configuration of site-to-site with ezvpn or of site-to-site with l2tp/ipsec gateway. But when I let all three to work together, it seems there is some conflict between the l2tp/ipsec and ezvpn.
If the crypto map command for ezvpn has smaller order number then ezvpn clients work, and l2tp/ipsec client cannot make the connection.
If the crypto map command for l2tp has smaller order number then l2tp/ ipsec clients work, and ezvpn clients can make the connection but go nowhere.
site-to-site ipsec is still happy no matter what crypto map numbers of l2tp or ezvpn are.
Is that because both l2tp/ipsec and ezvpn in this configuration have dynamic peers so they fight each other ?
Thanks,
DT