Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
1
Helpful
1
Replies

Suggested simpler VPN technology supported with ASA1100's?

Go to solution
jmaxwellUSAF
VIP
VIP

‎02-15-2024 09:13 AM

Hello.

The enterprise is replacing DMVPN routers with ASA1100's. ASAs do not support DMVPN.

QUESTION: Must the DMVPNs be replaced with cumbersome-to-erect site-to-site IPsec tunnels, or is there a suggested simpler VPN technology supported with ASA1100's?

Thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎02-15-2024 09:15 AM - edited ‎02-15-2024 09:19 AM

@jmaxwellUSAF dVTI on the hubs and sVTI on the spokes are supported using FTD or ASA image, you can then run a dynamic routing protocol over the tunnels, which is less cumbersome to manage than a crypto map policy based VPN.  This mirrors DMVPN for Hub and spoke routing but Full Mesh (spoke-to-spoke) is not supported.

https://secure.cisco.com/secure-firewall/v7.3/docs/dynamic-virtual-template-interface-dvti

 

View solution in original post

1 Reply 1

Go to solution
Rob Ingram
VIP
VIP

‎02-15-2024 09:15 AM - edited ‎02-15-2024 09:19 AM

@jmaxwellUSAF dVTI on the hubs and sVTI on the spokes are supported using FTD or ASA image, you can then run a dynamic routing protocol over the tunnels, which is less cumbersome to manage than a crypto map policy based VPN.  This mirrors DMVPN for Hub and spoke routing but Full Mesh (spoke-to-spoke) is not supported.

https://secure.cisco.com/secure-firewall/v7.3/docs/dynamic-virtual-template-interface-dvti

 

Customers Also Viewed These Support Documents