What happens when IKEv2 phase 1 policies are deleted on Cisco ASA
11-11-2018 12:43 AM - edited 02-21-2020 08:27 AM
Hello All,
I'm new to Cisco. Recently, I came across an issue. When I was building an L2L IPSec VPN tunnel between Cisco ASA and Checkpoint (Peer), I removed the existing policies on the IKEv2 Phase and added my customized profile. My work was successful, but the other tunnel was down. When I checked the tunnel policies, I could see the related policies were removed; only my customized policy was there. I did this through ASDM. I have fixed it since I had the backup. Can someone please clarify why my changes affected other tunnels?
Regards,
Tim
Timothy Gandhiruban
11-11-2018 01:50 AM
11-11-2018 06:06 AM
Thank you for your response. As you said, I have removed the policy used by the other tunnel. But when configuring a new tunnel, why do we need to keep the other policies? When I tried to remove the Phase 2 policies, it threw a pop-up that says I cannot delete the predefined policies. But I didn't get any pop-up for Phase 1 policies; I was able to remove it? So, is it the default behavior of Cisco ASA? Is that how it is designed? Please advise.
Timothy Gandhiruban
