VPN on ASA - Crypto Description

cds-cisco
Level 1

In a crypto map on an IOS router you can put a description, which we like to use to describe the VPN tunnel (Customer x, etc.).

In an ASA, I can't find anything under a crypto map definition or tunnel-group where I could put such a description.

I do see the annotation field, which the documentation says ASDM uses and which should not be used manually.

We configure via CLI only.

4 Replies

Jennifer Halim
Cisco Employee

No, unfortunately you can't put a description on a crypto map or a tunnel-group.

I would typically configure the crypto ACL with the name that matches that particular customer tunnel so you know that that particular crypto map belongs to that customer.

e.g.:

access-list customerA-vpn-acl permit ip

Also, the tunnel group is usually the IP address of the peer IP which would allow you to differentiate between different tunnel groups.

Fred Fujihara
Level 1

Actually you can (at least on an ASA 5520 and 5550).  Use the command:

tunnel-group <peer ip> general-attributes

 

Use the command "annotation"

ASA(config-tunnel-general)# annotation < 512 char  annotation text string>

 

Show run won't display the annotation, but it will show up if you use the "more system:running-config" command.

The "more" command will also display your preshared keys, which are normally hidden.
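Because the only view that shows annotations also shows the pre-shared keys, a tunnel inventory built from that output should mask the keys before it is stored. The following is an added example, not part of the original posts: it pulls the annotation for each tunnel-group out of saved `more system:running-config` text and redacts key values. The sample config, peer addresses and key strings are constructed, and the exact line layout of the dump is an assumption.

```python
import re

# Constructed sample in the style of "more system:running-config" output.
# Peer addresses, annotation text and keys are made up for illustration.
SAMPLE_CONFIG = """\
tunnel-group 203.0.113.10 type ipsec-l2l
tunnel-group 203.0.113.10 general-attributes
 annotation Customer A - primary site
tunnel-group 203.0.113.10 ipsec-attributes
 ikev1 pre-shared-key ExampleKeyA
tunnel-group 198.51.100.7 type ipsec-l2l
tunnel-group 198.51.100.7 ipsec-attributes
 pre-shared-key ExampleKeyB
"""

GROUP_RE = re.compile(r"^tunnel-group (\S+) (\S+)")
# Matches "pre-shared-key <value>" with optional leading keywords (e.g. ikev1).
KEY_RE = re.compile(r"^(\s+(?:\S+ )*?pre-shared-key )\S.*$")


def parse_tunnel_groups(config_text):
    """Return ({tunnel-group name: annotation or None}, redacted config text)."""
    annotations = {}
    redacted = []
    group, mode = None, None
    for line in config_text.splitlines():
        m = GROUP_RE.match(line)
        if m:
            group, mode = m.group(1), m.group(2)
            annotations.setdefault(group, None)
        elif not line.startswith(" "):
            group, mode = None, None  # left the tunnel-group sub-mode
        elif mode == "general-attributes" and line.strip().startswith("annotation "):
            annotations[group] = line.strip()[len("annotation "):]
        # Mask key material so the inventory can be stored and shared.
        redacted.append(KEY_RE.sub(r"\1*****", line))
    return annotations, "\n".join(redacted) + "\n"


if __name__ == "__main__":
    notes, safe_config = parse_tunnel_groups(SAMPLE_CONFIG)
    for peer, note in notes.items():
        print(f"{peer}: {note or '(no annotation)'}")
    print(safe_config)
```

Tunnel-groups that report no annotation are the ones still missing a customer label.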
