Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

ASA and VTI configuration

Good morning experts,

 

My experience with ASAs over the last few years has been limited so I am not up on all of the newer features that they offer. I know in the past that ASAs did not support any type of tunnel interfaces and thus did not support a VTI configuration like you can do on an IOS router.

 

My problem is that I need to build a VPN tunnel between a few ASAs and a Juniper netscreen which many networks on each side that can not easily be summarized. Being able to build a route based VPN on the ASA would be very helpful as the crypto map could essentially be all zeros. Without this configuration, crypto IDs on both sides are going to get very complication very quickly.

 

I can't seem to find any info on VTI configuration for the ASA which leads me to believe it doesn't exist. However a guy I work with that uses ASAs daily firmly believes that after version 8.4 this configuration is supported.

 

Can anyone confirm please?

 

Elton

5 REPLIES

Hi Elton, Hope you are

Hi Elton,

 

Hope you are looking for this information...

http://www.cisco.com/c/en/us/support/docs/security/flexvpn/116008-flexvpn-nge-config-00.html

 

Regards

Karthik

Community Member

Dear Karthik ,I do not think

Dear Karthik ,

I do not think the posted link contain what is elton looking for , actually I have few juniper firewalls and looking to replace them with ASA's but the problem is ASA did not support tow of our main requirements which is Route Based VPN through VTI , and GRE tunneling 

I do not why Cisco did not support those features on ASA till now (as per my knowledge) most of firewall vendors support that 

Community Member

Sorry for necroposting,

Sorry for necroposting, howewer I'm curious is ASA still doesn't support VTI ipsec?

Probably times changed? 

Nope ...

Nope ...

Michael Please rate all helpful posts
Community Member

yes still not supporting but

yes still not supporting but the good thing they have PBR (policy based routing) now , we are still looking for VTI Ipsec and GRE support 

791
Views
0
Helpful
5
Replies
CreatePlease to create content