06-28-2021 01:18 AM
Hi all,
Just looking to see if anyone has done DMVPN with Firepowers.
As I can remember we could not do them with the ASAs.
Please help!!
I am looking to bid on a project very soon.
Regards
Champ
Solved! Go to Solution.
06-30-2021 12:25 AM
FTD supports dynamic crypto maps:-
Dynamic crypto map policies are applicable to both hub-and-spoke and point-to-point VPN topologies. To apply dynamic crypto map policies, specify a dynamic IP address for one of the peers in the topology and ensure that the dynamic crypto-map is enabled on this topology. Note that in a full mesh VPN topology, you can apply only static crypto map policies.
06-28-2021 01:22 AM
No FTD does not support DMVPN functionality.
The best you can do is Policy Based VPN (crypto map) - Hub and Spoke. As of 6.7 you can do Static VTI between 2 devices. There is unlikely to ever be Dynamic VTI (which is similar to DMVPN).
06-29-2021 04:17 PM
Thanks heaps Rob.
Any ideas on how I can make the VPN setup Dynamic (to simulate a dmvpn or something close) with FTD?
Regards
06-30-2021 12:25 AM
FTD supports dynamic crypto maps:-
Dynamic crypto map policies are applicable to both hub-and-spoke and point-to-point VPN topologies. To apply dynamic crypto map policies, specify a dynamic IP address for one of the peers in the topology and ensure that the dynamic crypto-map is enabled on this topology. Note that in a full mesh VPN topology, you can apply only static crypto map policies.
07-01-2021 11:23 PM
Many Thanks!!
Much appreciated
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide