07-31-2016 09:42 PM
Hi There,
Can someone assist me on below queries,
Thanks & Regards,
Gan
07-31-2016 11:01 PM
Route-based VPNs are based on "tunnel interfaces"; policy-based VPNs are ACL based.
There is plenty of documentation on this subject.
Check this link on how to build tunnel interfaces for route-based VPN:
http://www.cisco.com/en/US/technologies/tk583/tk372/technologies_white_paper0900aecd8029d629_ps6635_Products_White_Paper.html
07-31-2016 11:36 PM
Thanks for the reply Denis.
I already referred to the link which you shared. The configuration mentioned at this link applies to Cisco routers only, not to ASA.
I do have an idea about the tunnel interface (I built route-based VPNs on Juniper and Fortigate). On other vendors' firewalls (Fortigate, Juniper), we can create a tunnel interface and map it to the 'Outside' interface. However, I don't have any idea about the Cisco ASA device, and I'm not seeing any commands on ASA for creating a tunnel interface.
So I'm looking for assistance to build a route-based VPN on ASA.
Thanks & Regards,
Gan
07-31-2016 11:54 PM
http://packetsneverlie.blogspot.com.au/2012/06/route-based-ipsec-vpn-on-asa.html
08-01-2016 12:26 AM
Hi Dennis,
I referred to this link as well; this config is the same as policy-based VPN.
The reason why I'm saying this is, we need to come up with a new interface IP and route it through that interface. We are doing the same in policy-based VPN as well.
In Juniper, we need to create a tunnel interface and map it to the Outside interface, so there is no need to specify a different IP for the tunnel interface.
08-01-2016 08:39 PM
ASAs won't allow you to do that, mate; they are policy based. If you need logical tunnel interfaces, you require an L3 device with crypto features, not an ASA.
03-07-2017 03:14 PM
03-07-2017 03:13 PM
+ You need an ASA with frame version 9.7 and above.
+ Steps to do the configuration using ASA with VTI vpn.
http://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/vpn/asa-97-vpn-config/vpn-vti.html
+ Tunnel interface is not visible for OSPF.
+ Only IKEv1 is supported with VTI.
+ IKEv2 is not available for the VTI IPSec profile (no IKEv2 with route-based VPNs on ASA).
+ Only BGP is listed in the documentation link, which is working for now.
If you like that answer, please rate it.
Thank you
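A minimal VTI configuration of the kind the last reply describes (ASA 9.7, IKEv1, BGP over the tunnel), added here as an illustration and not taken from any poster in this thread. All names, addresses (documentation ranges), AS numbers and the key placeholder are assumptions; check the algorithm choices against the linked Cisco guide for your release.

```cisco
! Added example, not from the thread. Constructed sample values throughout.
! Phase 1: IKEv1 only, as the reply notes IKEv2 is not available for VTI on 9.7.
crypto ikev1 enable outside
crypto ikev1 policy 10
 authentication pre-share
 encryption aes-256
 hash sha
 group 5
 lifetime 86400
!
! Phase 2: the transform set is wrapped in an IPsec profile instead of a crypto map.
crypto ipsec ikev1 transform-set VTI-TSET esp-aes-256 esp-sha-hmac
crypto ipsec profile VTI-PROFILE
 set ikev1 transform-set VTI-TSET
!
! The tunnel interface is bound to the outside interface as its source.
! Unlike the Juniper setup described above, it carries its own IP address.
interface Tunnel1
 nameif vti-peer1
 ip address 169.254.10.1 255.255.255.252
 tunnel source interface outside
 tunnel destination 203.0.113.2
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile VTI-PROFILE
!
! Peer authentication. Replace the placeholder with a long random key.
tunnel-group 203.0.113.2 type ipsec-l2l
tunnel-group 203.0.113.2 ipsec-attributes
 ikev1 pre-shared-key <PRE-SHARED-KEY-PLACEHOLDER>
!
! Routing decides what is encrypted: no crypto ACL is involved.
! BGP peers with the remote end of the tunnel.
router bgp 65001
 address-family ipv4 unicast
  neighbor 169.254.10.2 remote-as 65002
  neighbor 169.254.10.2 activate
  network 10.10.0.0 mask 255.255.0.0
```

After applying it, `show interface Tunnel1`, `show crypto ikev1 sa` and `show bgp summary` confirm that the tunnel is up and that routes are being exchanged over it.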