From: dt1649651 on
My router is configured to work as an ezvpn server, site-to-site and
l2tp/ipsec gateway. This l2tp/ipsec is for mobile devices (Windows Mobile
2003 Premium or 2005), which support l2tp/ipsec by default but not the
Cisco VPN client.

I have no problem with the configuration of site-to-site with ezvpn or of
site-to-site with the l2tp/ipsec gateway. But when I let all three work
together, it seems there is some conflict between the l2tp/ipsec and
ezvpn.

If the crypto map command for ezvpn has the smaller order number, then
ezvpn clients work, and l2tp/ipsec clients cannot make the connection.

If the crypto map command for l2tp has the smaller order number, then
l2tp/ipsec clients work, and ezvpn clients can make the connection but go
nowhere.

Site-to-site ipsec is still happy no matter what the crypto map numbers of
l2tp or ezvpn are.

Is that because both l2tp/ipsec and ezvpn in this configuration have
dynamic peers, so they fight each other?


Thanks,

DT