08-29-2016 12:45 AM - edited 02-21-2020 08:57 PM
Hi
I'm making a presentation about Site-to-Site VPN between 2 Cisco ASA Firewalls for a school project. During the presentation I would like to show the difference between encrypted and unencrypted traffic. My plan is to have a VPN connection established between two ASA Firewalls (it has to be firewalls).
I would like to turn off IPSEC, set up Wireshark on a PC and send some ICMP traffic and then show what the ICMP packages look like in plain text. Then turn on IPSEC and once again show what the package looks like when it's been encrypted.
But is it even possible to turn off IPSEC on a site-to-site connection on a Cisco ASA Firewall? I haven't been able to find any solution.
08-29-2016 01:50 AM
Hi,
Unfortunately no. This is a requirement of S2S config on ASA.
HTH.
Regards,
Terence
08-29-2016 01:51 PM
Is it just about showing that one transmission is clear text and the other is encrypted? Then you could configure IPSec with a transform-set with esp-null encryption first and then show the difference to a "real" encryption.
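What the esp-null suggestion in the last reply changes on the wire, as an added example that is not part of the thread: with a NULL cipher the traffic is still ESP-encapsulated and carries an integrity tag, but the payload bytes are readable, so a capture between the two firewalls can recover the inner ping. All packet bytes are constructed; the addresses, SPI, 12-byte ICV length and the random stand-ins for ciphertext and ICV are assumptions.

```python
import os
import struct

ICV_LEN = 12  # assumed: 96-bit truncated HMAC tag, as with esp-sha-hmac

def inner_ping(src, dst, data):
    """Constructed inner IPv4 packet with an ICMP echo request (checksums left 0)."""
    icmp = struct.pack("!BBHHH", 8, 0, 0, 1, 1) + data
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     bytes(src), bytes(dst))
    return ip + icmp

def esp_wrap(inner, spi, seq, encrypt):
    """Tunnel-mode ESP: SPI, sequence, payload, padding, pad length, next header, ICV."""
    pad_len = -(len(inner) + 2) % 4
    body = inner + bytes(range(1, pad_len + 1)) + bytes([pad_len, 4])  # 4 = IPv4
    if encrypt:
        body = os.urandom(len(body))  # stand-in for ciphertext, not a real cipher
    return struct.pack("!II", spi, seq) + body + os.urandom(ICV_LEN)  # stand-in ICV

def sniff_view(esp):
    """What a capture can recover: SPI/sequence always, inner packet only if NULL."""
    spi, seq = struct.unpack("!II", esp[:8])
    body = esp[8:-ICV_LEN]
    pad_len, next_hdr = body[-2], body[-1]
    view = {"spi": spi, "seq": seq, "readable": False}
    if next_hdr != 4 or pad_len + 2 > len(body) or body[0] != 0x45:
        return view
    inner = body[:len(body) - 2 - pad_len]
    total_len = struct.unpack("!H", inner[2:4])[0] if len(inner) >= 28 else -1
    if total_len != len(inner) or inner[9] != 1:  # protocol 1 = ICMP
        return view
    view.update(readable=True, src=".".join(map(str, inner[12:16])),
                dst=".".join(map(str, inner[16:20])),
                icmp_type=inner[20], data=inner[28:])
    return view

if __name__ == "__main__":
    ping = inner_ping((192, 0, 2, 10), (198, 51, 100, 20), b"abcdefgh")  # constructed
    print("esp-null:", sniff_view(esp_wrap(ping, 0x1000, 1, encrypt=False)))
    print("encrypted:", sniff_view(esp_wrap(ping, 0x1000, 2, encrypt=True)))
```

In both cases the SPI and sequence number stay visible in the ESP header; only the payload differs.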