IPsec Remote Access and L2L Sessions on the Same Router

Figure 18-3 shows an example network that has both remote access and L2L sessions. In this example, the remote office network acquires its address dynamically, via DHCP, from its connected ISP, as do the remote access clients. Because the central office router doesn’t know the remote office router’s IP address, you would have to configure the pre-shared key for that router with a wildcard peer address of 0.0.0.0 0.0.0.0 and no XAUTH. However, doing this would cause XAUTH to stop working for the remote access clients. One solution would be to use certificates instead of pre-shared keys; for small networks, though, this might not be cost-effective or practical.
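
The conflict described above, sketched as an IOS configuration fragment showing only the statements involved. This is an added example, not a listing from the book; the key strings, the names VPN-XAUTH, VPN-GROUP, REMOTE-USERS, VPN-POOL and VPNMAP, and the address pool are constructed placeholders.

```cisco
! Constructed example: every name, key string and address is a placeholder.
aaa new-model
aaa authentication login VPN-XAUTH local
aaa authorization network VPN-GROUP local
!
! L2L peer whose address is assigned by DHCP: the key cannot be tied to a
! peer address, so it is defined for 0.0.0.0 0.0.0.0. The no-xauth keyword
! stops the central router from prompting the remote office router for a
! username and password, which a router-to-router session cannot answer.
crypto isakmp key <L2L-PRE-SHARED-KEY> address 0.0.0.0 0.0.0.0 no-xauth
!
! Remote access group for the software clients, which also arrive from
! DHCP-assigned addresses.
crypto isakmp client configuration group REMOTE-USERS
 key <GROUP-PRE-SHARED-KEY>
 pool VPN-POOL
!
ip local pool VPN-POOL 192.168.100.1 192.168.100.50
!
! XAUTH is requested on the crypto map that terminates both session types.
! The wildcard key above carries no-xauth for every peer address, which is
! the conflict the text describes: XAUTH no longer works for the clients.
crypto map VPNMAP client authentication list VPN-XAUTH
crypto map VPNMAP isakmp authorization list VPN-GROUP
crypto map VPNMAP client configuration address respond
!
! Review point: a wildcard pre-shared key is accepted from any source
! address, so the key string is the only thing authenticating the L2L peer.
```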

Figure 18-3. Remote Access and L2L Connections ...
