c2s on asa using crypto map

Unanswered Question
May 7th, 2012

hello guys ,

i have started managing a asa 5510 firewall which is already having c2s tunnels , the problem i am facing is they are configured as "crypto map"

i have attached sample config . , i am finding it difficult to understand the parameters used in each tunnel as the configration seems bit complex to me ,  if possible can anyone advice how it works .



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Maykol Rojas Mon, 05/07/2012 - 17:16


I would be glad to help if you let me know what you mean by c2s.


Maykol Rojas Tue, 05/08/2012 - 13:14


What is it that you are trying to understand or what is that you dont understand about it?

Basically the Group name is going to be extracted from the Tunnel group name you see configured. Then the attributes will be configured on the group-policy (on the router would be like the client configuration group) and on the IPsec attributes on the tunnel group is where you specify the pre-shared key.

The rest is pretty much the same, dynamic crypto maps, the crypto applied on the interface (on global configuration mode not in the interface per-se)



This Discussion