1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cisco Question (regarding VPNs)

Discussion in 'Networks & Internet Connectivity' started by Wyvern971, 8 Mar 2006.

  1. Wyvern971

    Wise Guy

    Joined: 6 Oct 2004

    Posts: 1,921

    Location: London

    Not urgent as I'm only learning

    I've got 2 cisco PIX 501 firewalls (1 at home and 1 at work)
    They both have global IPs and I have set up a site to site VPN between them

    I then tried to set up the home PIX so that I could use a VPN client to connect to it.

    for some reason when I apply the crypto map to an interface it removes the map binding for the site to site VPN

    On the PIX firewalls does each interface only support 1 crypto map?

    (as the PIX 501 firewalls only have 2 interfaces I cannot bind the second crypto map to a different interface)

    Is it actually possible to set up both a site to site VPN and have it act as a VPN endpoint on a single interface? (or am I doing something stupid)


    Running PIX OS 6.3 (5)
    PDM 3.0 (not that it matters as I've done all the config in the CLI)
    501 doesn't support 7 yet I don't think
    Last edited: 8 Mar 2006
  2. V-Spec


    Joined: 8 Jun 2005

    Posts: 3,698

    Location: London

    Hi there,

    You can only apply a single crypto map to an interface on any PIX, however if you specify multiple entries in the crypto map sequenced correctly, it will apply the map with multiple entries to the interface.
  3. Burbleflop


    Joined: 7 May 2003

    Posts: 4,247

    Location: Away from here

    Spot on.

    The 501 will never support Pix OS 7 as it doesn't have enough RAM or flash.