Cisco ASA Site To Site VPN IKEv2 “Using CLI”
KB ID 0001429 Problem Note: This is for Cisco ASA 5500, 5500-x, and Cisco Firepower devices running ASA Code. You want a secure IPSEC VPN between two sites using IKEv2. Note: If the device you are connecting to does not support IKEv2 (i.e. it’s not a Cisco ASA, or it’s running code older than 8.4) then you need to go to the older version of this article; Cisco ASA 5500 Site to Site VPN IKEv1 (From CLI) Solution Before you...
Cisco ASA Site to Site IKEv2 VPN Static to Dynamic
KB ID 0001602 Problem Site to Site VPNs are easy enough, define some interesting traffic, tie that to a crypto map, that decides where to send the traffic, create some phase 1 and phase 2 policies, wrap the whole lot up in a tunnel-group, and you’re done! But there needs to be a ‘peer address’ in the crypto map, and if one end of the VPN is on DHCP that address is likely to change, so you cant supply that? The...
Microsoft Azure ‘Route Based’ VPN to Cisco ASA
KB ID 0001515 Problem This covers the, (more modern) Route based VPN to a Cisco ASA that’s using a VTI (Virtual Tunnel Interface). Virtual Network Gateway Options With VPN’s into Azure you connect to a Virtual Network Gateway, of which there are TWO types Policy Based, and Route Based. This article will deal with Route Based, for the older Policy Based option, see the following link; Microsoft Azure To Cisco ASA Site to...
Microsoft Azure To Cisco ASA Site to Site VPN
KB ID 000116 Problem The one reason I prefer Cisco over Microsoft is they rarely change things, you learn how to do something and it’s learned. This is the second time have had to write this article purely because the Azure UI has changed! Virtual Network Gateway Options With VPN’s into Azure you connect to a Virtual Network Gateway, of which there are TWO types Policy Based, and Route Based. This article will deal with...
Meraki To Cisco ASA 5500 Site to Site VPN
KB ID 0001255 Problem This was surprisingly easier than I was expecting! Special thanks to Steve for letting me loose on his test network for the Meraki end of the tunnel. Here I’m using an MX 64 Security appliance, and a Cisco ASA 5510. Note: The Meraki device will need a static IP. Solution Configuring Meraki MX Device for VPN to a Cisco ASA From your Meraki dashboard > Security Appliance > Site To Site VPN. If you...