cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

VPN Connectivity

wynneitmgr
Participant
Participant

We currently have a VPN setup for our users when they are on the road or working from home using Cisco AnyConnect. We have the VPN setup on our ASA 5508 Firewall.

 

I now have a client that we send data to that needs us to setup a VPN for the connection. I was wondering if there was anyone out there that would be able to help me create the VPN (IKEv1 or IKEv2) and fill out this VPN questionnaire. Thank you in advance!!

 

vpn1.png

1 ACCEPTED SOLUTION

Accepted Solutions

Rob Ingram
VIP Expert VIP Expert
VIP Expert

@wynneitmgr 

From the CLI you can use the following command to remove the old recipient and add a new recipient:-

 

no logging recipient-address xxxx@xxxx.com level alerts
logging recipient-address yyyy@xxxx.com level alerts

 

View solution in original post

115 REPLIES 115

Rob Ingram
VIP Expert VIP Expert
VIP Expert

Hi @wynneitmgr 

Did you actually want the command syntax or just complete the bits in yellow that are missing?

Here is the IKEv2 information, including the missing yellow bits you could use:-

 

IKEv2 Policy

Encryption: AES-256
Integrity: SHA-256
Pre-Shared Key: Make this up yourself
DH Group: 19
PRF: SHA256
Lifetime: 86400

 

IKEv2 IPSec Proposal

Encapsulation: ESP
Encryption: AES-256
Integrity: SHA-256
Lifetime: 28800

@Rob Ingram 

Thanks Rob!

 

I would like help with setting up the VPN is ASDM. As I have never really done the VPN setup part. I want to make sure not to do anything that would conflict with our current employee VPN.

Rob Ingram
VIP Expert VIP Expert
VIP Expert

Ok. take a backup before you make the configuration changes.

 

It shouldn't conflict, you can run both in parallel.

Use this guide here if you are going to configure the Site-to-Site VPN using ASDM, when prompted select the encryption, integrity etc values as specified above.

 

 

Any problems please upload the configuration

HTH