Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
500
Views
0
Helpful
2
Replies

Site to site VPN

kkragelund
Level 1
Level 1

‎03-01-2017 06:27 AM

Hello :-)

I got a Cisco 881 router and a asa5505 firewall.

Whats the difference making an Site to site VPN with and without the tunnel-group command?

I have seen configs with and without configuration og the tunnel command :-)

Labels:
0 Helpful
2 Replies 2

Karsten Iwen
VIP
VIP

‎03-01-2017 06:44 AM

On the ASA, the tunnel-group is used to configure all parameters that are needed before authentication took place. The IPsec PSK is one parameter that is configured in the tunnel-groups.

On the IOS-router, there are no tunnel-groups. Everything what the ASA has unter tunnel-group-config is done in other parts of the config. The PSKs for example are configured in crypto keyrings.

0 Helpful

MANI .P
Level 1
Level 1

‎03-02-2017 03:56 AM

In tunnel group only you are pointing as site to site VPN is going to configure on firewall .

For eg : #tunnel-group XYZ type ipsec-l2l

for Remote access VPN  "remote-access"

for site to site VPN " ipsec-l2l"

If this helps you Please rate me .

0 Helpful
Customers Also Viewed These Support Documents