We have received form from third party, they want us to configure VPN connection with their system
Their VPN details:
1. Technical Information
Name / FQDN VPN Concentrator
IP Address (GW) *.*.*.*
VPN Device Description Cisco ASA 5555
VPN Device Version Version 9.2(4)
Encryption Domain (e.g. *.*.*.*/24 ) *.*.*.*/*.*.*.*
2. Tunnel Properties
PHASE 1
Authentication Method Pre-Shared Key
Encryption Scheme IKE
Diffie-Hellman Group Group 2
Encryption Algorithm ESP-AES-256
Hashing Algorithm SHA-1
Main or Aggressive Mode Main Mode
Lifetime (for renegotiation) 86400 seconds
PHASE 2
Encapsulation (ESP or AH) ESP
Encryption Algorithm AES-256
Authentication Algorithm SHA-1
Perfect Forward Secrecy NO PFS
Lifetime (for renegotiation) 3600 seconds
Lifesize in KB (for renegotiation) Not used
Key Exchange For Subnets? Yes
We have deployed CSR 1000V on aws, with assistance of Yang youtube video tutorials, third party are asking for encryption domain, which confuse me. I am a programmer with background in networking I did it in university, Can somebody assist me on how to archive this connection, I will add more details if needed. If you have more resources help me please.