03-13-2018 01:55 PM - edited 03-12-2019 05:06 AM
Can the DfltGrpPolicy be used for multiple site-to-site dynamic tunnels? I basically have a hub and spoke with a Cisco ASA 5525, and several Cradlepoint devices. The 5525 is static, and Cradlepoints are dynamic. I have tested one using the dynamic tunnel option on the 5525, but I'm curious if this same group can be used for say 15-20 cradlepoints/endpoints at the same time. So the same key would be used for all of them I'm assuming... Would I create multiple dynamic crypto maps for this?
Solved! Go to Solution.
03-13-2018 03:25 PM
Hello @neteng2323,
Yes, you can use the same Group-Policy for the rest of the connections but as you know this can be a Security concern on using the same PSK for multiple locations.
Also for dynamic connections, you can only configure one dynamic crypto map and that should do the trick.
HTH
Gio
03-13-2018 03:25 PM
Hello @neteng2323,
Yes, you can use the same Group-Policy for the rest of the connections but as you know this can be a Security concern on using the same PSK for multiple locations.
Also for dynamic connections, you can only configure one dynamic crypto map and that should do the trick.
HTH
Gio
03-14-2018 04:28 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide