I hope somebody can give me some ideas. We are trying to migrate a SonicWall (Hub Site) into a CIsco ASA. The ASA will have a static IP but the remote sites are SonicWalls with dynamic IP addresses. We have arround 25 remote SonicWalls that we need to establish L2L VPNs with. The tricky part is how can we create multiple dynamic maps and know which one is for which site. Please note the SonicWalls are using different Pre-shared Key.
In order to establish the VPN Tunnel to the ASA, you need to configure the pre-shared key in the Tunnel Group. For site to site tunnels, you can either use the IP address for the peer or use the DefaultL2LGroup. This means that all your SonicWall peers need to be configured with the same pre-shared key and you should use the DefaultL2LGroup.If you do not want to have all your peers configured with the same key, the other option is to use rsa (certificates) for authentication.
Regarding the crypto map configuration, you don't need to configure a static entry for your dynamic sites. You only need to configure a dynamic map for all the site to site tunnels and it will negotiate all the connections. Please note that your dynamic map should be attached to the crypto map and it should be the last entry of it so it won't affect any other tunnel that you have configured.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :