FIPS Compliant site-to-site VPN

Answered Question
Feb 5th, 2010
User Badges:

Hello.  I have ASA 5505 boxes that I want to configure for site-to-site encryption over a WAN link.  I need the enctyption to be FIPS 140-2 compliant.  I am running Cisco ASA Version 7.2(3), installed about May 2008.


My links go: LAN-ASA-Router-<WAN>-Router-ASA-LAN, where WAN will be T-1 or similar.


I have seen the site-to-site configuration examples.  If I use 3DES at each end will that be in compliance?


Anything special (IOS, software upgrade, etc) that I need?


Thanks in advance.

Correct Answer by JORGE RODRIGUEZ about 7 years 1 month ago

Asa5505 can suport up to 25 ipsec tunnels  so the answer to your question is yes,  you can have  more than one L2L vpn  from  asa_f1 , see examples  in bellow link under site-to-site VPN.



http://www.cisco.com/en/US/products/ps6120/prod_configuration_examples_list.html

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
YECA911ORG Fri, 02/05/2010 - 16:35
User Badges:

Thank you!


I have a follow-up question, that I should have made clear in my original question.


Can I make one-to-many VPN connections with the ASA 5505 firewalls, as illustrated below:


Site to site, from FW_1 to FW_A, and FW_1 to FW_B, and FW_1 to FW_C.


Actions

This Discussion

Related Content