I have 2 Cisco ASA connected in 2 offices which have a fully functional l2l ipsec tunnel. A new layer 2 link has been installed on each site and I am terminating it on a firewall FE int on each site with private address. Connenctivity is established. So I want to swap the vpn from using the outside interfaces to the new installed interfaces
On both firewalls I have enabled isakmp on the new interface
I have created a new tunnel group for each side using the same pre share key (thanks to the more system:running config command :-))
enabled the crypto map "my_map" on new interfaces
thats all I should need?
I have tested it by removing the existing peers and using new peers and its not coming up saying there is no match
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...