07-22-2013 12:24 PM - edited 03-04-2019 08:31 PM
I have a remote site coming up that will be on a site2site VPN until the MPLS is finished. The remote site is a 2921 router, the data center is an ASA5520. I am running ZBF on all the remote sites, my question is what zone is the site2site connection in? There is the physical interface to the Internet, and the tunnel for the VPN. is that the same zone?
Sent from Cisco Technical Support iPad App
07-22-2013 12:47 PM
Hi,
if you are connected to an ASA then the VPN can't use VTI interface and so you're using regular crypto maps.
Am I right? In which case there is only a zone for the outside interface, if you're using VTI then you can have a zone for the VTI interface.
Regards
Alain
Don't forget to rate helpful posts.
07-22-2013 12:51 PM
Ok, thanks.
Sent from Cisco Technical Support iPad App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: