Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Site - site vpn

i want  site 2 site  vpn   between  two sites   on  cisco  ASA 5510 Firewall.

One  ASA has  already  one  site 2 site  vpn  configured. please guide  me  what  to  do  for  configurations.

Regards,

Saroj

1 REPLY
VIP Green

Site - site vpn

You can apply the following configuration on both ASAs.  Just remember that the crypto ACLs should be a mirror image of eachother.  for example if the ip 10.10.10.0 255.255.255.0 is the source at one end, this same ip will be the destination when configured at the other end.

access-list ACL-NAME extended permit ip

crypto isakmp policy

  authentication pre-share

  hash sha

  group 2

  encryption aes256

crypto ipsec transform-set SET-NAME esp-aes 256 esp-sha-hmac

tunnel-group type ipsec-l2l

tunnel-group ipsec-attributes

  pre-shared-key PASSWORD

crypto map 10 match address ACL-NAME

crypto map 10 set transform-set SET-NAME

crypto map 10 set peer

--
Please remember to rate and select a correct answer

--

Please remember to rate and select a correct answer
79
Views
0
Helpful
1
Replies
CreatePlease to create content