Best practices guide for Site to Site VPN

dpetrovi · ‎01-09-2019

Hi experts,

Can anyone point me toward the most up to date Cisco best practices guide for Site to Site VPN configuration? There is a lot of information on this topic online, but what would be document that would be considered as the one with most credibility?

Thank you.

-Dejan

Sheraz.Salim · ‎01-09-2019

this link give you a Cisco official best practice for vpn

https://www.cisco.com/c/en/us/support/security/flexvpn/products-configuration-examples-list.html

https://www.cisco.com/c/en/us/support/docs/routers/1700-series-modular-access-routers/71462-rtr-l2l-ipsec-split.html

please do not forget to rate.

Rob Ingram · ‎01-09-2019

Hi,
It depends on what hardware you are using; router, ASA or FTD and what type of topology (Hub and Spoke, Spoke-to-Spoke, MESH etc). There is not currently feature compatiblity between ASA and FTD.

Internally there used to be the RTR (route to readiness) guides, I think they used to cover VPNs, you may want to check there.

The Cisco Live presentations such as BRKSEC-1050 provides detailed information on the different VPN types, page 133-134 has a useful table providing information when to use each type of VPN and what features are available.

Either way you probably want to be using the latest NGE, reference here.

HTH