Unanswered Question
Aug 3rd, 2009
User Badges:

Hello NetPro,

we have 8 sites with ASA55(>4)X . As per of now they are connected with static vpn tunnels. (full mesh)

As you may imagine more sites - more vpn we need to add to maintain full reachability.

I am looking for something like DMVPN but on ASA devices, or , at least some ideas which can help me ease of maintaining large amount of vpn tunnels.

Any advises will be warmly appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Roman Rodichev Mon, 08/03/2009 - 13:40
User Badges:
  • Gold, 750 points or more

DMVPN requires GRE tunneling, and since ASA doesn't support GRE, DMVPN is not possible.

You can use dynamic crypto tunnels which will minimize configuration on the ASA, and allow remote sites connect to the ASA dynamically.

Here's an example:

You can also use ezVPN, which is kind of like dynamic crypto but uses different configuration.




This Discussion