Using our FirePower 1120 we have set up a site-to-site VPN with Amazon. The server inside Amazon subnet 150.10.0.0/16 can ping a server in our intranet in subnet 140.11.0.0/16, but from our intranet we cannot ping back a server in Amazon. The site-to-...
I am trying to configure a Site-to-site VPN between our company and AWS. I entered the Firepower web interface and configured the Tunnel IP, encryption protocols and also the keys (IKEv1). I made sure to follow exactly the instructions from the AWS c...
Well, it didn't make much sense that packages were flowing from one side of the network to the other and not the other way around. The problem was that the AWS machine's firewall was incorrectly configured and was rejecting ICMP packages from our end...
I did enable crypto debug, but I thought the show command would display more useful information.
> show running-config
: Saved
:
: Diagnostic interface mode: BRIDGE
:
:
: Serial Number: J********
: Hardware: FPR-1120, 5274 MB RAM, CPU Atom C3000 ...
1) I added a static route;
2) The tunnel has not been established. I cannot see it connected from the Amazon side - as I could with the test I did using strongswan installed in a separate machine.
3) debugging crypto gives me the following:
> show cryp...