Using the IPSEC-SPA-2G and PKI for remote access vpn

Unanswered Question
May 10th, 2010

We currently have a couple of IPSEC SPAs that we are using to terminate site to site vpn tunnels in vrf mode.  We are looking at leveraging this hardware to also terminate remote access vpn using PKI to avoid the aggressive mode security issues.  I was hoping there would be some people out there that could point me towards some good resources that will help with the configuration of such a model.  I've found some cisco documents on their website but it seems like the documents I found are trying to cover little bits of everything and leave holes when it comes to this specific deployment.  If anyone has first hand experience they would like to share I would appreciate it.  If you know of some documentation or Cisco Press books that would be of value I am open to that too.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
darin.marais Thu, 11/17/2011 - 23:25

hello David,

I have seen that there is no reply to this thread.

I was wonding if you managed to come across any good documentation and/or a configuration guide that could explain terminate "site to site ipsec tunnels in vrf - lite mode?

Many thanks in advance


This Discussion