Simple site to site VPN question NGFW / AWS virtual private gateway

daz10000
Level 1

I am trying to set up a simple site to site VPN from an NGFW Firepower 2110 device to an AWS Virtual Private Gateway. AWS emits a config file, though they don't seem to offer anything specific for the NGFW line. The AWS script starts with this code and in a complete fail on my part, I can't even get the first line accepted. It appears my device only accepts ca as a valid argument after crypto. The GUI does allow site to site VPN setup but some of the options like aes128 don't appear explicitly. Am I missing something or does the NGFW not accept this style of CLI configuration? Any help appreciated and apologies if these are naive questions.

 

Darren

 

crypto isakmp policy 200
  encryption aes 128
  authentication pre-share
  group 2
  lifetime 28800
  hash sha
exit

Accepted Solutions

Rahul Govindan
VIP Alumni

I am assuming that you are running the Firepower Threat Defense on the Firepower 2100 series chassis. You cannot use the CLI to configure the FTD, so this would have to be done through the GUI. I would get the script from AWS and manually use that to create a new Site to Site configuration with the required parameters.
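
The answer above suggests carrying the parameters from the AWS script into the GUI by hand. As an added example (not part of the original thread, and not Cisco or AWS code), this sketch parses the policy block quoted in the question into the values to enter and lists parameters worth reviewing; the setting labels are generic assumptions, not the field names of any Firepower GUI.

```python
import re

# Constructed sample: the IKEv1 policy block quoted in the question.
AWS_SNIPPET = """crypto isakmp policy 200
  encryption aes 128
  authentication pre-share
  group 2
  lifetime 28800
  hash sha
exit
"""

# Keyword meanings; labels are generic (an assumption), not real GUI field names.
AUTH = {"pre-share": "Pre-shared key", "rsa-sig": "RSA signature (certificate)"}
HASH = {"md5": "MD5", "sha": "SHA-1"}
DH_BITS = {1: 768, 2: 1024, 5: 1536, 14: 2048, 15: 3072, 16: 4096}  # MODP groups

def parse_isakmp_policies(text):
    """Return {priority: {keyword: value}} for each 'crypto isakmp policy' block."""
    policies, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = re.fullmatch(r"crypto isakmp policy (\d+)", line)
        if header:
            current = policies.setdefault(int(header.group(1)), {})
        elif line in ("", "exit"):
            current = None  # end of the current policy block
        elif current is not None:
            keyword, _, value = line.partition(" ")
            current[keyword] = value.strip()
    return policies

def gui_checklist(policy):
    """Translate one parsed policy into values to enter by hand, plus review notes."""
    algo, _, bits = policy["encryption"].partition(" ")
    settings = {
        "IKE version": "IKEv1",  # 'crypto isakmp policy' defines an IKEv1 policy
        "Encryption": f"AES-{bits or '128'}" if algo == "aes" else algo.upper(),
        "Hash": HASH.get(policy["hash"], policy["hash"].upper()),
        "Authentication": AUTH.get(policy["authentication"], policy["authentication"]),
        "DH group": int(policy["group"]),
        "Lifetime (seconds)": int(policy["lifetime"]),
    }
    review, group = [], settings["DH group"]
    if DH_BITS.get(group, 2048) < 2048:  # unknown groups are not flagged
        review.append(f"DH group {group} is {DH_BITS[group]}-bit MODP")
    if policy["hash"] in HASH:  # both MD5 and SHA-1 are legacy hashes
        review.append(f"hash is {settings['Hash']}")
    return settings, review
```
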


2 Replies

Hi Mr. Rahul Govindan

Good day. I saw this FAQ, and I think it will help me regarding my issues connecting my Cisco Firepower Threat Defense 2130 model to an AWS site-to-site VPN connection. May I ask if you already resolved this issue? If yes, may I request that you provide the processes, steps and configuration you used on the Cisco Firepower Threat Defense 2130 to establish the VPN connection and resolve the issue?

 

Thank you very much, hope you consider this. It will give a lot of help.