Tunnel Interface on ASAV / CSR in AWS

bashinate
Level 1

I am trying to set up an IPsec tunnel between an ASA-V in one VPC and a CSR in another VPC using the VTI-VPN (route-based VPN) with IKEv2.

I understand I need to get connectivity between the two tunnel interfaces in order to set up the VTI-VPN, but I am not finding any documentation on how to do that in AWS. I cannot add an IP of an existing subnet as it overlaps, and if I add another private address out of an unused subnet it has no connectivity, as AWS does not know anything about it.

TLDR: How do I get connectivity between two tunnel interfaces on an ASA-V / CSR in two different VPCs in AWS?

2 Replies

delasandro
Level 1

Are you building the tunnels separately from the source and destination where the communication needs to flow? You don't want the tunnel knowing about the traffic it is tunneling. Try setting up loopbacks and make them your source and destination endpoints; this way, if something happens to the interfaces, the loopbacks should still be there.

vsurresh
Level 1

Are you going to use a public IP on both interfaces or just a private IP?
If you are planning on using private IPs on both ends, you can use VPC peering to get connectivity between both IPs.