Its easy to configure L2L VPN between two ASAs.Is it possible to create a L2L VPN between a cisco ASA and an ISR Router?Whats the major difference between the two configurations?
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,546) -
Cisco Bugs
(34) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(141) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(11) -
Cisco Secure Firewall Management Center (FMC)
(66) -
Cisco Secure Firewall Threat Defense (FTD)
(90) -
Cisco Security Cloud Control
(2) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(17) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(44) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(259) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(27) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,574) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(91) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,566) -
NGIPS
(1,873) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,774) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(632) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(43) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Hi,I have noticed a number of these surfacing in the quarantined applications.Is there a way to tune this to prevent this from reocurring across all of the desktops.As far as I can tell these events are not been recieved by the CSA server. i.e. Login...
I'm setting up a ASA5520 (version 8.2(1))and would like to enable Traceroute from the Inside to the Outside. Most articles tell you to use ICMP Inspection instead of ACL's for this. ICMP Inspection appears to only allow replies that are from the d...
Hello,Is there any way to change the administrative distance on the reverse-route feature of VPN tunnels? When using reverse-route it installs it as static, which gives it an admin distance of 1 it seems, so makes it very hard to use that as a backu...
We just migrated to an ASA5550 and an internal contractor cannot finish ISAKMP negotiation back to her IPSec VPN server (it's a Nortel client). She does get her DNS and IP adddress, so I presume something is trying to connect back to her PC. We fixe...
Hi All, whenever I turn on debug in ASA to start troubleshooting, it shows lots of output from access-list and connection teardown, and I can't see my debug output. how can I turn off those message to see debug output instead? any suggestion would be...
Thanks, Cisco, for creating a Management nightmare with your "Global Correlation" option in version 7.0...Lets start with the SSM-AIP-20 Management interface... We have an OOB Management network, with a single POI into this through a separate PIX515E...
Hello,I am having issues with the IPS sensor not doing the global correlation updates. The IPS module has access to the internet and I can ping the server which serves the updates. Anything else to be checked?
hi,we have AIP-SSM-40 modeule installed on ASA 5540 but it is just physically present.Is it possible to configure to this modeule in inline or like IDS mode? It has only one Ethernet interface. Can this interface be treated as sensor interface and ma...
Can someone point me in the right direction.I have an ASA 5505 setup with both remote access (Anyconnect), as well as a site to site tunnel over to a business partner.From the outside, I can connect via anyconnect and go anywhere within my internal n...
Hello,I have been provided a server in which I have installed Ciscoworks, which is running fine. I also wish to install IME on the same machine, so that our monitoring is running on a proper, ups-powered, server machine instead of a desktop.However I...
Hello all,I'm having a problem with NAC 4.6.1 and agent 4.6.2.113. If a client already has an older CAA installed they get prompted to upgrade and it works fine. However, if no agent is installed and you try to install it from the http page, it acts ...
greetingI have log:Sep 10 03:19:37 [10.4.3.20.2.2] %ASA-6-106015: Deny TCP (no connection) from 10.15.6.164/6389 to 10.4.27.102/4486 flags ACK on interface insideIs it any possible to open firewall to allow this traffic pass? I believe, it is defaul...
Sig 1307/0 TCP Window Variation is constantly firing on my IPS. The explanation mentions that some "improperly implemented" firewalls can cause this signature to fire. I have an ASA 5520 between my users and the internet and all internet traffic is...
Hi there,I know that with WLC 5.1 and NAC 4.5 Cisco started to support OOB, NAC implementation. Now here is my question:A customer has CISCO environment except for the wireless which is another vendor. What are the options to bring wireless traffic i...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 10-10-2025 02:32 PM | ||
| 10-10-2025 12:52 PM | ||
| 10-08-2025 02:11 AM | ||
| 09-30-2025 03:35 AM | ||
| 09-26-2025 12:33 AM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 17 | |
| 5 | |
| 2 | |
| 1 | |
| 1 |
