04-05-2012 01:15 PM
folks
i have a site to site vpn to set up between an asa 5540 and an 800 router
i only want the vpn to be initiated from the asa with the remote 800 listening for inbound connections
i know i can set the connection type on the asa as originate-only but i can find a command equivalent to answer-only for the remote 800
can anyone point me in the right direction or is it sufficient to simply configure the asa as originate-only for this crypto map
thanks to anyone taking the time to respond
Solved! Go to Solution.
04-10-2012 01:15 PM
Hi,
I would recommend configuring the tunnel as a dynamic to static VPN tunnel, the ASA will be the static peer so it will be the initiator and the Router will never be able to initiate the connection.
The ASA will have a common L2L configuration, but the Router will use a dynamic crypto map.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008051a69a.shtml
The PIX in the example is old so you can just adjust the commands to your current version, the important thing is to understand the concept.
Please let me know if this answers your question,
Thanks.
04-10-2012 01:15 PM
Hi,
I would recommend configuring the tunnel as a dynamic to static VPN tunnel, the ASA will be the static peer so it will be the initiator and the Router will never be able to initiate the connection.
The ASA will have a common L2L configuration, but the Router will use a dynamic crypto map.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008051a69a.shtml
The PIX in the example is old so you can just adjust the commands to your current version, the important thing is to understand the concept.
Please let me know if this answers your question,
Thanks.
04-16-2012 02:10 AM
javier
apologies for the delay in getting bqack to you but many thanks for your help
i'll run this up in a lab but it does seem the way to go
thanks again
04-16-2012 05:09 AM
I am glad to hear that
Please count on us at any time.
Take care!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide