cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2626
Views
0
Helpful
4
Replies

Do Firepower have DMVPN Functionality?

nwekechampion
Level 3
Level 3

Hi all,

 

Just looking to see if anyone has done DMVPN with Firepowers.

As I can remember we could not do them with the ASAs.

Please help!!

I am looking to bid on a project very soon.

 

Regards

Champ

1 Accepted Solution

Accepted Solutions

@nwekechampion 

FTD supports dynamic crypto maps:-

 

Dynamic crypto map policies are applicable to both hub-and-spoke and point-to-point VPN topologies. To apply dynamic crypto map policies, specify a dynamic IP address for one of the peers in the topology and ensure that the dynamic crypto-map is enabled on this topology. Note that in a full mesh VPN topology, you can apply only static crypto map policies.

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/firepower_threat_defense_site_to_site_vpns.html

 

View solution in original post

4 Replies 4

@nwekechampion 

No FTD does not support DMVPN functionality.

The best you can do is Policy Based VPN (crypto map) - Hub and Spoke. As of 6.7 you can do Static VTI between 2 devices. There is unlikely to ever be Dynamic VTI (which is similar to DMVPN).

 

Thanks heaps Rob.

 

Any ideas on how I can make the VPN setup Dynamic (to simulate a dmvpn or something close) with FTD?

 

Regards

@nwekechampion 

FTD supports dynamic crypto maps:-

 

Dynamic crypto map policies are applicable to both hub-and-spoke and point-to-point VPN topologies. To apply dynamic crypto map policies, specify a dynamic IP address for one of the peers in the topology and ensure that the dynamic crypto-map is enabled on this topology. Note that in a full mesh VPN topology, you can apply only static crypto map policies.

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/670/configuration/guide/fpmc-config-guide-v67/firepower_threat_defense_site_to_site_vpns.html

 

nwekechampion
Level 3
Level 3

Many Thanks!!

Much appreciated

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: