03-30-2020 05:32 AM
Hi All,
We are in the proceed of building a S2S VPN between a ASA and a iOS router. The ISAKMP status sits at MSG6 on my ASA and we verified that the PSK is working fine, we even re-did the tunnel group.
I would want my client to set my isakmp peer ID on his iOS router , I reviewed the link but not sure how to set my peer ID on his VPN tunnel. Any help on this please?
Solved! Go to Solution.
03-31-2020 05:05 AM
Hi,
For IKEv1 use "crypto isakmp identity address/dn/hostname" or "self-identity" command under ISAKMP profile
For IKEv2 you configure "identity local address/dn/e-mail/fqdn" under your IKEv2 profile.
Regards,
Cristian Matei.
03-30-2020 05:46 AM
Hi,
Use this document as a reference for building a S2S between IOS and ASA. Once you made the configuration, see if he tunnel comes up, if not, let us know what the problem is. You should be using IKE ID of IP address, which is the default anyways for PSK authentication, so you don't need to configure the IKE ID manually.
Regards,
Cristian Matei.
03-31-2020 04:06 AM
Hi,
Thank you for your response. Can you please let me know on how to set a IKE ID manually for a peer?
03-31-2020 05:05 AM
Hi,
For IKEv1 use "crypto isakmp identity address/dn/hostname" or "self-identity" command under ISAKMP profile
For IKEv2 you configure "identity local address/dn/e-mail/fqdn" under your IKEv2 profile.
Regards,
Cristian Matei.
04-02-2020 01:26 AM
Thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide