03-01-2017 06:27 AM
Hello :-)
I got a Cisco 881 router and a asa5505 firewall.
Whats the difference making an Site to site VPN with and without the tunnel-group command?
I have seen configs with and without configuration og the tunnel command :-)
03-01-2017 06:44 AM
On the ASA, the tunnel-group is used to configure all parameters that are needed before authentication took place. The IPsec PSK is one parameter that is configured in the tunnel-groups.
On the IOS-router, there are no tunnel-groups. Everything what the ASA has unter tunnel-group-config is done in other parts of the config. The PSKs for example are configured in crypto keyrings.
03-02-2017 03:56 AM
In tunnel group only you are pointing as site to site VPN is going to configure on firewall .
For eg : #tunnel-group XYZ type ipsec-l2l
for Remote access VPN "remote-access"
for site to site VPN " ipsec-l2l"
If this helps you Please rate me .
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide