cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

173
Views
0
Helpful
2
Replies
Highlighted
Beginner

Site to site VPN

Hello :-)

I got a Cisco 881 router and a asa5505 firewall.

Whats the difference making an Site to site VPN with and without the tunnel-group command?

I have seen configs with and without configuration og the tunnel command :-)

Everyone's tags (1)
2 REPLIES 2
VIP Mentor

On the ASA, the tunnel-group

On the ASA, the tunnel-group is used to configure all parameters that are needed before authentication took place. The IPsec PSK is one parameter that is configured in the tunnel-groups.

On the IOS-router, there are no tunnel-groups. Everything what the ASA has unter tunnel-group-config is done in other parts of the config. The PSKs for example are configured in crypto keyrings.

Beginner

In tunnel group only you are

In tunnel group only you are pointing as site to site VPN is going to configure on firewall .

For eg : #tunnel-group XYZ type ipsec-l2l

for Remote access VPN  "remote-access"

for site to site VPN " ipsec-l2l"

If this helps you Please rate me .