Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

2921router with zone-based firewall and VPN

I have a remote site coming up that will be on a site2site VPN until the MPLS is finished. The remote site is a 2921 router, the data center is an ASA5520. I am running ZBF on all the remote sites, my question is what zone is the site2site connection in? There is the physical interface to the Internet, and the tunnel for the VPN. is that the same zone?

Sent from Cisco Technical Support iPad App

2 REPLIES
Purple

2921router with zone-based firewall and VPN

Hi,

if you are connected to an ASA then the VPN can't use VTI interface and so you're using regular crypto maps.

Am I right? In which case there is only a zone for the outside interface, if you're using VTI then you can have a zone for the VTI interface.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
New Member

Re: 2921router with zone-based firewall and VPN

Ok, thanks.

Sent from Cisco Technical Support iPad App

177
Views
0
Helpful
2
Replies
CreatePlease to create content