Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2024
Views
5
Helpful
2
Replies

Simple site to site VPN question NGFW / AWS virtual private gateway

Go to solution
daz10000
Level 1
Level 1

‎06-24-2018 03:07 PM - edited ‎03-12-2019 05:24 AM

I am trying to set up a simple site to site VPN from an NGFW Firepower 2110 device to an AWS Virtual Private Gateway.  AWS emits a config file, though they don't seem to offer anything specific for the NGFW line.   The AWS script starts with this code and in a complete fail on my part,  I can't even get the first line accepted.   It appears my device only accepts ca as a valid argument after crypto.  The GUI does allow site to site VPN setup but some of the options like aes128 don't appear explicitly.  Am I missing something or does the NGFW not accept this style of CLI configuration.  Any help appeciated and apologies if these are naiive question,

 

Darren

 

crypto isakmp policy 200
  encryption aes 128
  authentication pre-share
  group 2
  lifetime 28800
  hash sha
exit
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎06-25-2018 06:09 PM

I am assuming that you are running the Firepower Threat Defense on the Firepoewer 2100 series chassis. You cannot use the CLI to configure the FTD, so this would have to be done through the GUI. I would get the script from AWS and manually use that to create a new Site to Site configuration with the required parameters. 

 

View solution in original post

2 Replies 2

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎06-25-2018 06:09 PM

I am assuming that you are running the Firepower Threat Defense on the Firepoewer 2100 series chassis. You cannot use the CLI to configure the FTD, so this would have to be done through the GUI. I would get the script from AWS and manually use that to create a new Site to Site configuration with the required parameters. 

 

Go to solution
nathaniel.mangulad
Level 1
Level 1
In response to Rahul Govindan

‎03-20-2019 02:26 AM

Hi Mr. Rahul Govindan

Good Day, I saw this faq`s, and i think it will help me regarding my issues on connecting my Cisco Firepower Threat Defense 2130 model to AWS site-to-site VPN connection, may I ask if you already resolved this issue. If yes, may I request to provide what are the processes, steps and configuration you do in Cisco Firepower Threat Defense 2130 to established the VPN connection and resolved the issue.

 

Thank you very much, hope you consider this. It will give a lot of help.

0 Helpful
Customers Also Viewed These Support Documents