Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
641
Views
0
Helpful
0
Replies

ASAv on AWS setting up Site to Site with public IP encryp. domains

andrewmorone
Level 1
Level 1

‎01-27-2022 06:56 AM

I've been struggling with an issue for months now and I'm not sure how to resolve it. We have migrated our servers to AWS. Part of our infrastructure is connecting with partners over VPN. In the on premise data center, we ran these connections using Cisco ASA 5505s. 

In AWS we attempted to use their native Site to Site VPN, however it doesn't support public IP encryption domain. 

As a solution I've been attempting to use the Cisco ASAv product. I've been able to bring up a tunnel between the ASAv and a remote peer, however I'm having some trouble.

  • I'm unable to get the ASAv side of the VPN to initiate the VPN connection. If I enable SSH on the INSIDE interface, my host can reach it, and the ASAv has the arp record, so it's able to reach it. 
  • I'm still not clear how to do public IP encryption domains? Do I just allocate public EIPs to the VPC? Do I need to assign them or is it enough to just reserve them by allocation, and use them on the Cisco ASAv?

I'm beginning to feel like I'm the only one on the planet that has this requirement, lol. There are no videos tutorials or instructions out there, and Cisco has no documentation that I know of that addresses this.

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents