08-08-2024 10:49 PM
my company has a cisco firepower 1120. i have to configure site to site VPN with other company. i gave a information from other company. my device, the firepower i configure from the FDM. on internet, i found that the FDM supports just route based site to site VPN. other company gave me information that they have not possibility configuring device with route based site to site VPN, just with policy based site to site VPN. i must configure policy based site to site VPN. on internet, i found that exists template for policy based site to site VPN for configuring. can we give me some information about this? one more question, i must configure policy based site to site VPN from the CLI. which terminal do I use to configure this option? is it system support diagnostic-cli?
Solved! Go to Solution.
08-12-2024 04:30 AM
maybe this
08-12-2024 04:34 AM
Yes this it' you see type is manual not auto' you need to change NAT type and check
MHM
08-12-2024 04:37 AM
type rule is greyed on this rule. i cant change to Auto
08-12-2024 04:39 AM - edited 08-12-2024 04:39 AM
add new one with Type auto after that disable this one.
MHM
08-11-2024 11:01 PM
now, i have one more problem, when i type show crypto ikev2 sa or show crypto ipsec sa, but i receive error message there are not ikev2 key, like the tunnel is down
08-08-2024 11:17 PM
does such a possibility exist at all?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide