cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
253
Views
0
Helpful
1
Replies

Site - site vpn

saroj pradhan
Level 1
Level 1

i want  site 2 site  vpn   between  two sites   on  cisco  ASA 5510 Firewall.

One  ASA has  already  one  site 2 site  vpn  configured. please guide  me  what  to  do  for  configurations.

Regards,

Saroj

1 Reply 1

You can apply the following configuration on both ASAs.  Just remember that the crypto ACLs should be a mirror image of eachother.  for example if the ip 10.10.10.0 255.255.255.0 is the source at one end, this same ip will be the destination when configured at the other end.

access-list ACL-NAME extended permit ip

crypto isakmp policy

  authentication pre-share

  hash sha

  group 2

  encryption aes256

crypto ipsec transform-set SET-NAME esp-aes 256 esp-sha-hmac

tunnel-group type ipsec-l2l

tunnel-group ipsec-attributes

  pre-shared-key PASSWORD

crypto map 10 match address ACL-NAME

crypto map 10 set transform-set SET-NAME

crypto map 10 set peer

--
Please remember to rate and select a correct answer

--
Please remember to select a correct answer and rate helpful posts
Review Cisco Networking for a $25 gift card