Hi In a context, I don't see the VPN support. The options for crypto command are "ca" and "key" which are used for SSL/TLS, SSH and CA.
pixfirewall/mine(config)# crypto ? configure mode commands/options: ca Certification authority key Long term key operations As per the given below link, VPN is not supported in multiple context: http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html *Snippet from the link* Unsupported Features Multiple context mode does not support the following features: •Dynamic routing protocols Security contexts support only static routes. You cannot enable OSPF, RIP, or EIGRP in multiple context mode. •VPN •Multicast routing. Multicast bridging is supported. •Threat Detection •QoS •Phone Proxy With regards Kings On Sat, Sep 5, 2009 at 12:20 PM, Stuart Hare <[email protected]>wrote: > Dm > > I beleive this is referring to the stateful failover of IPSec > connections thru the asa, and not terminating vpns direct to the asa. > As far as I am aware VPN is still not supported in multiple context > mode, whether it remains that way I'm unsure as nat has been added to > v8 and they are gradually increasing the capabilities with > virtualisation. > > Stu > > > > Sent from my iPhone > > On 5 Sep 2009, at 07:23, Dnyaneshwar Gore <[email protected]> > wrote: > > > Hi All, > > > > As per ASA ver 8.0 configuration guide on page 4-2 (98, multiple > > context mode does not support VPN. But in resource management > > section, it says that max limit per context for IPsec session is 5. > > Also in Failover section on page 15-1 (259) there is note in > > Understanding Failover section that "IPsec or SSL VPN can not be > > enabled in Active/Active stateful failover but VPN failover is > > available for Active/standby failover." Active/standby failover is > > possible in multiple context mode. That means VPN is supported in > > multiple context mode. > > > > I am confused by these different explanations on VPN support in > > multiple context mode. If we say that VPN is not supported in > > multiple context mode then how VPN is supported in resource > > management for multiple contexts and active/standby failover in > > multiple context mode.? > > > > Regards, > > D.M.Gore > > _______________________________________________ > > For more information regarding industry leading CCIE Lab training, > > please visit www.ipexpert.com > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
