Add additional host to IPSEC connection on ASA
08-02-2019 09:23 AM - edited 02-21-2020 09:22 AM
So if I have an IPSEC connection allowing, let's say, local source addresses 10.10.10.10 and 11.11.11.11 to remote end of tunnel 100.1.1.1, and want to add 12.12.12.12 as an additional source host on my local end, do I just make the update under "Local Network" if making the changes in the ASDM? Will that automatically update the crypto map/ACLs?
If I were to update this via CLI, I would just add the new subnet/host to the interesting traffic ACL, correct?
08-02-2019 09:44 AM
08-02-2019 10:48 AM
Tunnel has to be restarted for the new entry to be included in the IPsec SA.
08-06-2019 02:40 PM
Also, I currently have manual NAT statements translating the current 2 local source addresses to static original. I would need to add the new host IP to this statement as well, correct? Since it is just translating to self/original, is this to make sure the 2 source addresses are not NATTED?
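
The change discussed in this thread, sketched as ASA CLI. This is an added example, not configuration posted by anyone in the thread. The names VPN-LOCAL, VPN-REMOTE and VPN-CRYPTO, the inside/outside interface names, the test ports and the `<PEER_IP>` placeholder are assumptions; the host addresses are the ones from the question.

```cisco
! Hypothetical object names; substitute the ones already in the running config.
object network VPN-REMOTE
 host 100.1.1.1
!
! Local hosts allowed through the tunnel. The third entry is the new host.
object-group network VPN-LOCAL
 network-object host 10.10.10.10
 network-object host 11.11.11.11
 network-object host 12.12.12.12
!
! Interesting-traffic ACL referenced by the crypto map (assumed name).
! The remote peer needs the mirror-image entry, or the new proxy pair
! will not negotiate.
access-list VPN-CRYPTO extended permit ip host 10.10.10.10 host 100.1.1.1
access-list VPN-CRYPTO extended permit ip host 11.11.11.11 host 100.1.1.1
access-list VPN-CRYPTO extended permit ip host 12.12.12.12 host 100.1.1.1
!
! Identity (self-to-self) manual NAT: source and destination are translated
! to themselves, so VPN traffic is exempted from any other NAT or PAT rule
! and leaves with the addresses the crypto ACL expects. Because the rule
! references the object-group, the new host is covered once it is added above.
nat (inside,outside) source static VPN-LOCAL VPN-LOCAL destination static VPN-REMOTE VPN-REMOTE no-proxy-arp route-lookup
!
! Check how the ASA would treat traffic from the new host
! (source port 1025 and destination port 443 are constructed test values).
packet-tracer input inside tcp 12.12.12.12 1025 100.1.1.1 443 detailed
!
! Per the reply above: restart the tunnel, then confirm that an SA
! listing 12.12.12.12 as the local ident exists.
clear crypto ipsec sa peer <PEER_IP>
show crypto ipsec sa peer <PEER_IP>
```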
