IOS-XE VPN PSK authentication using IKE ID
When using pre-shared key (PSK) authentication on a Site-to-Site VPN using Cisco IOS-XE routers, the IP address of the egress interface is used to match the PSK and authenticate the…
ASA dual ISP backup VPN
This post covers the configuration of a policy-based Site-to-Site VPN on a single Cisco ASA Firewall (or HA failover pair) with dual internet connections on the head-end ASA. Topology The…
ASA VPN preempt
ASA VPN preempt The Cisco ASA supports multi-peer VPN, useful when an organisation requires a primary and backup VPN tunnel. When the ASA detects the VPN to the primary peer…
ASA IKEv2 Multi-Peer VPN
ASA IKEv2 Multi-Peer VPN Overview High Availability VPN can be achieved on a Cisco ASA firewall using multi-peer crypto map, previously this feature was only supported on the ASA using…
ASA Dynamic VTI
Cisco Secure Firewall ASA version 9.19 introduces the Dynamic Virtual Tunnel Interfaces (DVTI) route-based VPN, which is an alternative to a policy-based VPN (crypto map). VTI is always up, unlike…
ASA tunnel internet over VPN
ASA tunnel internet over VPN In some circumstances organisations require routing internet traffic over an IPSec VPN back to the Data Centre and then access the internet from the Data…