Hello!
I have AWS and recently they asked me to make a tunnel with a client who has a Cisco ASA.
The requirement is to make a tunnel with ipsec to Cisco ASA, for that one of my instances (AMI) can send files via ftp.
I think that the solution is I use the Cisco Cloud Services Router 1000v on AWS.
I´ve configured the Cisco Cloud Services Router 1000v on AWS with the follow commands:
#crypto isakmp enable
#crypto isakmp policy 10
#encr 3des
#hash sha
#authentication pre-share
#group 2
#lifetime 86400
crypto isakmp key PRE-SHARED-KEY address IP_PUBLIC_CISCO_ASA
#ip access-list extended VPN-HSBC
#permit ip 172.31.18.103 0.0.0.0 IP_LAN 0.0.0.0
crypto ipsec transform-set TS esp-3des
ip-172-31-12-104(config)#crypto map CMAP 10 ipsec-isakmp
ip-172-31-12-104(config-crypto-map)#set peer IP_PUBLIC_CISCO_ASA
ip-172-31-12-104(config-crypto-map)#set transform-set TS
ip-172-31-12-104(config-crypto-map)#match address VPN-HSBC
ip-172-31-12-104(config-crypto-map)#end
ip-172-31-12-104(config)#interface GigabitEthernet2
ip-172-31-12-104(config-if)#crypto map CMAP
But the tunnel isn´t up in my Cisco Cloud Services Router 1000v.
What settings do I need to make?
Regards,
Orlando