Hi,
I am working on migrating an ASA configuration to an FTD configuration and the documentation says that the Site-to-Site VPN IPsec options apply to all tunnels. Our ASA has some tunnels with IPsec (Phase 2) Perfect Forward Secrecy enabled and so...
That would be hairpinning, which is allowed by default in FTD. As long as your ACP, NAT, and Crypto Maps are set up properly you can have traffic go between tunnels.
So I tested this and you can have different settings per "Topology". When using a Point to Point configuration you create a different VPN Topology for each tunnel. The note in the documentation is really just referencing the Hub and Spoke and Full Me...