10-13-2020 05:43 PM - edited 10-13-2020 06:03 PM
Hi Cisco Community friends
I'm having trouble setting up a VPN with an FTD 2110 with FDM to Azure. I wanted to ask if anyone has any documentation, links or any recommendations.
I was reviewing the attached document, only that it is for the configuration in FMC, I also used the information in this link to configure the encryption and authentication parameters:
Regards,
JG
10-13-2020 06:50 PM
10-14-2020 01:45 AM
What is the issue you are struggling with?
10-14-2020 09:19 AM
Thanks Aref. Yesterday I did tests, phase 1 never lifted. I did tests with packet-tracer and ping tcp doesn´t show difference in phase 1. I'm using ikev2.
Regards,
JG
10-14-2020 11:18 AM
You welcome. I would enable debug crypto ikev2 protocol 127 and check the output, that might help you spotting the issue straightaway.
10-14-2020 01:02 PM
Hi
I'm doing packet-tracer to test traffic flow. In others implementations with ASA and IKEv2 I was able to see the VPN phase in the packet-tracer flow even if the VPN was down. Right now I can't see the VPN phase in the packet-tracer for the VPN traffic, I'm in version 6.2.1, I'm going to upgrade the FW first.
Regards,
JG
10-14-2020 02:12 PM
Log into the FTD via CLI, issue the command "system support diagnostic-cli", then type enable and hit enter with no password, this will take you to kind of the old ASA CLI. From there please do all the show commands related to the VPN configuration and post the sanitized output for review. Example:
show run crypto map
show run crypto ikev2
show run nat
show run access-list <the-crypto-ACL>
show run crypto ipsec
show run crypto ikev2 | i enable
10-15-2020 06:28 AM
Check out these resources:
I found this video helpful for understanding the steps which I was able to configure for my environment
https://www.youtube.com/watch?v=dA_ND-hOHG8&t=594s&ab_channel=CloudGuard
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide