Showing results for 
Search instead for 
Did you mean: 

TAC Security Podcast Episode #30 - Introducing FlexVPN



Episode Name: Episode 30 - Introducing FlexVPN

Contributors:  Magnus Mortensen, Jay Young, Wen Zhang and special guest Frederic Detienne

Posting Date: September 12, 2012

Description: Magnus interviews a panel of VPN experts on a new shift in VPN technologies, Flex VPN. The panel includes VPN escalation engineers Wen and Jay Young as well as a special guest, Frederic Detienne. Fred hails from our Brussels location and is a Distinguished Support Engineer specializing in VPN and crypto technologies. The crew talks about Flex VPN and the new IKEv2 technology.


Listen Now    (MP3 38.7 MB; 40:16 mins)


Subscribe to the Podcast in iTunes by clicking the image below:



About the Cisco TAC Security Podcast


The Cisco TAC Security Podcast Series is created by Cisco TAC engineers. Each episode provides an in-depth technical discussion of Cisco product   security features, with emphasis on troubleshooting.


Complete episode listing and show information



Show Notes

Worthy links for configuring and setting up FlexVPN:


Config guide:


Support Forums articles on Flex and IKEv2:
FlexVPN at a glance

IKE Version 2 at a glance


Support Forums configuration examples:
FlexVPN: Anyconnect to IOS headend over IPsec with IKEv2 and certificates

FlexVPN / IKEv2: Windows 7 Builtin-Client: IOS Headend: Part I - Certificate Authentication



Awesome! Thanks.


Umm..I can't wonder enough how the sec technologies have advanced since my major interest in them in 2010, and working quickly with EasyVPN in 2012, that FlexVPN became such a blockbuster in the meanwhile... definitely worth studying it to become ready for whatever sec VPN challenge may appear.

Also discovered Cisco Live web page with VoD sessions! Excellent resource!!


Peter Gasparovic

Community Member

Thanks guys, I've managed to setup a FlexVPN site to site and it has been much much more stable than my old static site to site tunnels but I can't find any guide on how to configure hub and spoke networks.

I've got a core router that all of my site VPN's currently terminate on (around 10) and I want to migrate them over to FlexVPN but I just can't find any good examples on the internet. I want to do this using PSK only, does anyone know of any good resource please?



Cisco Employee

Hi, Steve:

Good to know FlexVPN is working out for you. You can find most of the FlexVPN configuration examples here:

Specifically, for what you want to do, you can check out this example (just ignore the BFD or redundancy part if you don't need it):

If you are looking for examples using the flexvpn client block, use something like this:

Another good FlexVPN resource is this CiscoPress book:

It has plenty of examples for all kinds of FlexVPN deployment situations.

Hope this helps.



Content for Community-Ad