01-24-2017 06:13 AM
I just read over the release notes for the new 9.7.1 release and stumbled upon this:
Virtual Tunnel Interface (VTI) support for ASA VPN module |
The ASA VPN module is enhanced with a new logical interface called Virtual Tunnel Interface (VTI), used to represent a VPN tunnel to a peer. This supports route based VPN with IPsec profiles attached to each end of the tunnel. Using VTI does away with the need to configure static crypto map access lists and map them to interfaces. We introduced the following commands: crypto ipsec profile, interface tunnel, responder-only, set ikev1 transform-set, set pfs, set security-association lifetime, tunnel destination, tunnel mode ipsec, tunnel protection ipsec profile, tunnel source interface. |
Finally a dream becomes true! Thank you Cisco! :)