cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1012
Views
0
Helpful
4
Replies
nwekechampion
Beginner

Do Firepower have DMVPN Functionality?

Hi all,

 

Just looking to see if anyone has done DMVPN with Firepowers.

As I can remember we could not do them with the ASAs.

Please help!!

I am looking to bid on a project very soon.

 

Regards

Champ

1 ACCEPTED SOLUTION

Accepted Solutions

@nwekechampion 

FTD supports dynamic crypto maps:-

 

Dynamic crypto map policies are applicable to both hub-and-spoke and point-to-point VPN topologies. To apply dynamic crypto map policies, specify a dynamic IP address for one of the peers in the topology and ensure that the dynamic crypto-map is enabled on this topology. Note that in a full mesh VPN topology, you can apply only static crypto map policies.

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/firepower_threat_defense_site_to_site_vpns.html

 

View solution in original post

4 REPLIES 4
Rob Ingram
VIP Expert

@nwekechampion 

No FTD does not support DMVPN functionality.

The best you can do is Policy Based VPN (crypto map) - Hub and Spoke. As of 6.7 you can do Static VTI between 2 devices. There is unlikely to ever be Dynamic VTI (which is similar to DMVPN).

 

Thanks heaps Rob.

 

Any ideas on how I can make the VPN setup Dynamic (to simulate a dmvpn or something close) with FTD?

 

Regards

@nwekechampion 

FTD supports dynamic crypto maps:-

 

Dynamic crypto map policies are applicable to both hub-and-spoke and point-to-point VPN topologies. To apply dynamic crypto map policies, specify a dynamic IP address for one of the peers in the topology and ensure that the dynamic crypto-map is enabled on this topology. Note that in a full mesh VPN topology, you can apply only static crypto map policies.

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/firepower_threat_defense_site_to_site_vpns.html

 

nwekechampion
Beginner

Many Thanks!!

Much appreciated

Create
Recognize Your Peers
Content for Community-Ad