Hello everyone, sorry for asking this here...but I'm new using cisco ASA, and I have to make a lab, they just tell that they need this topology
router1 must do ping to loopback 1 and 2 in router2, I know the config of the router and switch, but I have no idea how to work with the ASA, I should use route-maps, its the only thing I know, can anyone help me just with tips, how should proceed?
ASAs don't generally use route maps. They are available but most customers don't use them on the ASA as it's generally regarded as a poor router and it's often sufficient to just use static routes.
In your setup we would generally have ASA1 and ASA2 in a high availability (failover) cluster. In that configuration they have an IP address on the inside and outside that is shared between each other. The config guide shows how to do that - they would dedicate a directly connected interface between each other for that function.
For sake of discussion let's call "inside" the interface closest to R1 and "outside the interfaces closest to R2.
Router 1 has a static default route to the ASA inside address. R2 has a static default route to the ASA outside address. The ASA is directly connected to R1 and R2 so does not need static routes per se.
If however the R2 loopback /32s are outside the scope of the subnet that includes the interfaces closest to the ASAs then you would either need some static routes in the ASA or else use a dynamic routing protocol like OSPF or EIGRP to establish neighbor adjacency with R2 and learn the routes.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :