04-04-2006 10:24 PM - edited 03-09-2019 02:30 PM
Hi all
I am configuring a site to site vpn and cisco client vpn for my ASA
can i check do i need to created two transform set name, one for site to site and one for client vpn? or i should just created one transform set name?
i went through certain sample configuration file for site to site and client vpn and i realised most of them only make use of a single transform set name
thank!
04-04-2006 11:32 PM
One should do. You can invoke the trasnform set for both LAN2LAN and dynamic users
04-05-2006 10:15 AM
As long as the LAN to LAN and dynamic users will use the same combination of security protocols and algorithms then only a single transform set needs to be configured. If there is to be any difference in security protocols or algorithms (for example if the LAN to LAN will use SHA and the dynamic users will use MD5) then you would need separate transform sets.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide