Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1193
Views
10
Helpful
4
Replies

Real world IPSEC VPN Setup process?

Go to solution
CiscoPurpleBelt
Level 6
Level 6

‎02-12-2019 06:03 PM - edited ‎03-03-2019 09:00 AM

In the real world let's say you  need to setup a connection with another company or something where they will be managing the connecting ASA via the ASDM/GUI let's say. How are the pre-shared keys determined meaning do we normally just agree what it should be over the phone then send a text file or something, or just agree on all parameters verbally or electronically via email or something, etc?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎02-12-2019 07:03 PM

Hi

You can either decide to build up that vpn using a preshared key or certificate.

Share them over a secure transport (secure email valid for few hours like protonmail and others.) Gmail now allows to send a secure email and receiver will get a text with a code to open the encrypted email that will be valid for few hours or days.

For PSK, there are several ways to generate one. I personally use openssl and use a personnal script to mix it with sha hashing.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to CiscoPurpleBelt

‎02-13-2019 08:57 PM

You're welcome

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

4 Replies 4

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎02-12-2019 07:03 PM

Hi

You can either decide to build up that vpn using a preshared key or certificate.

Share them over a secure transport (secure email valid for few hours like protonmail and others.) Gmail now allows to send a secure email and receiver will get a text with a code to open the encrypted email that will be valid for few hours or days.

For PSK, there are several ways to generate one. I personally use openssl and use a personnal script to mix it with sha hashing.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Go to solution
CiscoPurpleBelt
Level 6
Level 6
In response to Francesco Molino

‎02-13-2019 09:52 AM

Awesome thanks!

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to CiscoPurpleBelt

‎02-13-2019 08:57 PM

You're welcome

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Go to solution
CiscoPurpleBelt
Level 6
Level 6
In response to Francesco Molino

‎02-14-2019 06:22 PM

I did already but I can click on another again. Thanks!
0 Helpful
Customers Also Viewed These Support Documents