PDM for site to site VPN?

[dkraut]

Setting up a site-to-site VPN using the CLI ranks right up there with having bamboo shoots driven under my nails!
My question is, can I use the PDM / VPN wizard to add a site to site VPN to my existing config? Scenario is that we recently opened a new remote office and I need to setup an IPSEC site to site VPN to/from their Cisco 2600XM router.
I saved my curent config to TFTP and started the wizard but then wondered if it would affect any of my existing
site-to-site VPN's already configured on my PIX?

TIA! Dave

 

[chicocouk]

If they have overlapping network ranges (ie, both vpns use the same local addresses) it will affect your other vpns. If they don't, then no, it won't.

CCNA, MCSE, Cisco Firewall specialist, VPN specialist, wannabe CCSP

 

[dkraut]

Thanks for the info!

I went ahead ran the wizard but at the end, it said that the config was incomplete? It did add all the info I entered and here are the entries added (with slightly modifeid IP's). What am I missing? >>

--------------------------
name 172.55.0.0 Asia
access-list nonat permit ip 172.24.10.0 255.255.255.0 Asia 255.255.248.0
access-list outside_cryptomap_65 permit ip 172.24.10.0 255.255.255.0 Asia 255.255.248.0
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 3600
lifetime seconds 28800 kilobytes 4608000
! Incomplete
crypto map norcrossmap 65 ipsec-isakmp
crypto map norcrossmap 65 match address outside_cryptomap_65
crypto map norcrossmap 65 set peer 215.218.48.116
crypto map norcrossmap 65 set transform-set ESP-3DES-MD5
crypto map norcrossmap 65535 ipsec-isakmp dynamic ndynmap
crypto map norcrossmap interface outside
isakmp enable outside
isakmp key ********* address 215.218.48.116 netmask 255.255.255.255 no-xauth no-config-mode
isakmp identity address
isakmp policy 25 authentication pre-share
isakmp policy 25 encryption 3des
isakmp policy 25 hash md5
isakmp policy 25 group 2
isakmp policy 25 lifetime 86400