cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
287
Views
10
Helpful
3
Replies

Can we do data transfer only with phase 1 tunnel in ASA firewall

veeramani Gopal
Level 1
Level 1

Hi 

 

I have query on asa firewall whether can we do data transfer without enabling Phase 2 ipsec tunnel up.

 

Regards

Veeramani.G

3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

Veeramani.G

 

No you can not do data transfer on ASA using VPN only phase 1. For data transfer on ASA using VPN there must be both phase 1 and phase 2.

 

HTH

 

Rick

HTH

Rick

Rick 

 

thanks for quick response.

May i know why its not possible. 

 

Veeramani G

I am glad that my first response was helpful. It is not possible to have data transfer on ASA using VPN with only phase 1 because the Security Association that identifies the encryption of data that protects the data in IPsec is negotiated in phase 2. In the phase 1 the ASA is negotiating the working keys that will be used but does not negotiate the encryption parameters until in phase 2.

 

HTH

 

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: