Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
630
Views
0
Helpful
1
Replies

ipsec l2l tunnel asa question

kope
Level 1
Level 1

‎08-19-2011 07:54 PM - edited ‎02-21-2020 05:31 PM

Experts,

I have a asa and Cisco 2811, needs to build a site-to-site ipsec tunnel between them.

Due to a requirement need to encrypt inside trafic,  i need to apply on the inside interfaces on both devices to build the tunnel.

I dont see a problem but just want to check if it would work on terminating on Inside interfaces on both ipsec peers.

Labels:
0 Helpful
1 Reply 1

Javier Portuguez
Level 9
Level 9

‎08-19-2011 08:58 PM

Thanks for posting your question.

May I know what you mean by "terminating on Inside interfaces on both ipsec peers"?

If my understanding of your question is correct, please check the following:

You can terminate the VPN connection on the inside interfaces as long as you have something like this:

               OUT                                                  OUT

Router A --------------------------- Internet --------------------------- Router B

    |                                                                                               |

    |                                                                                               |

    |--------------------------------- Private link -------------------------------  |

          IN  <------------------> IPsec tunnel <------------------> IN

As shown above, both inside interfaces need to communicate directly, as this is traffic to the Router.

Please let me know if this answers your question.

0 Helpful
Customers Also Viewed These Support Documents