cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
113
Views
0
Helpful
1
Replies
Highlighted
Beginner

Cisco ASA group-policy DfltGrpPolicy attributes

All

 

We are beginning to use ikev2 for site-to-site vpn's

My current vpn's use the following group-policy:

 

group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
 webvpn
  anyconnect ssl keepalive none
  anyconnect dpd-interval client none
  anyconnect dpd-interval gateway none
  customization value DfltCustomization

 

My question/concern is:

If I modify this group-policy by adding ikev2 will this cause any adverse impact to production vpn's currently in place?

 

Please advise at your earliest convenience.

 

 

sMc
1 REPLY
Participant

Re: Cisco ASA group-policy DfltGrpPolicy attributes

Adding IKEv2 to the list of tunneling protocols wouldn't have an impact on the other connection profile settings that also reference the default policy you are just allowing another tunneling protocol along with the ones you already have enabled.

 

Although personally I would create a new group policy for the site to site connections just to keep things more organized but if you want to use the default policy that is ok too.

CreatePlease to create content
Ask the Expert- Firepower configuration & troubleshooting