Beginner

Tunnel Interface on ASAV / CSR in AWS

I am trying to set up an IPsec tunnel between an ASA-V in one VPC and a CSR in another VPC using VTI-VPN (route-based VPN) with IKEv2.

I understand I need to get connectivity between the two tunnel interfaces in order to set up the VTI-VPN, but I am not finding any documentation on how to do that in AWS. I cannot add an IP from an existing subnet as it overlaps, and if I add another private address out of an unused subnet, it has no connectivity as AWS does not know anything about it.

 

TLDR: How do I get connectivity between two tunnel interfaces on an ASA-V / CSR in two different VPCs in AWS?

Beginner

Re: Tunnel Interface on ASAV / CSR in AWS

Are you building the tunnels separately from the source and destination where the communication needs to flow? You don't want the tunnel knowing about the traffic it is tunneling. Try setting up loopbacks and make them your source and destination endpoints; this way, if something happens to the interfaces, the loopbacks should still be there.

Beginner

Re: Tunnel Interface on ASAV / CSR in AWS

Are you going to use a public IP on both interfaces or just a private IP?
If you are planning on using private IPs on both ends, you can use VPC peering to get connectivity between both IPs.