Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
294
Views
5
Helpful
1
Replies

Mesh Topology S2S changes

Go to solution
keithcclark71
Level 3
Level 3

‎07-19-2022 03:45 AM

I have migration from current ASA to ASA S2S tunnels into FMC as a mesh topology. For reasons of migration i have to move into the FMC MESH now using IKE1. In theory once I get all the sites up and running into the mesh within FMC I should be able to make changes to the mesh that would apply to all my sites such as changing the passphrase and moving to IKE2 in a single deployment which i would thing cause a drop in the production tunnels and re-establishment of the tunnels with the new IKE2 settings?

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎07-19-2022 03:50 AM

@keithcclark71 yes tunnels would drop. If the current tunnels were established using IKEv1, you change the configuration to use IKEv2 - the firewalls will need to establish IKEv2 SA and IPSec SA using the new settings. Best do it out of hours.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Rob Ingram
VIP
VIP

‎07-19-2022 03:50 AM

@keithcclark71 yes tunnels would drop. If the current tunnels were established using IKEv1, you change the configuration to use IKEv2 - the firewalls will need to establish IKEv2 SA and IPSec SA using the new settings. Best do it out of hours.

0 Helpful
Customers Also Viewed These Support Documents