Amazon EC2 Virtual Private Cloud and Cisco ASA 5520

Unanswered Question
Aug 2nd, 2010

Hi there.

I am currently trying to create a site-to-site VPN with an Amazon EC2 Virtual Private Cloud (VPC).  When creating the VPC with Amazon you enter all your connectivity details and it generates a Cisco IOS config file which is great.  I am using a Cisco ASA 5520 (software version 7.2(2)) with ASDM 5.2 (3).

The problem occurs when I try to either load the config that Amazon has supplied (TFTP) or enter it manually.  I get invalid input errors.  The config generated by Amazon is attached (please note certain parts have been hashed out for security, but I am working from a config with all the correct details).

I'm not sure if I'm doing things wrong or whether the ASA doesn't support the functionality required but I'm a bit stuck.  I know my way around the ASDM quite well but I'm a little rusty when it comes to the IOS.

Any help would be much appreciated.

Many thanks


mulatif Tue, 08/03/2010 - 10:08

Hi Paul,

The config generated is for an IOS Router and that is why it won't work "as it is" on the ASA.

The router config involves VRF, BGP, GRE and none of these are supported on the ASA.

ASA can set up a regular Lan-2-Lan tunnel but you will need to check with Amazon if they support it.



