IOS-XE VPN PSK authentication using IKE ID
When using pre-shared key (PSK) authentication on a Site-to-Site VPN using Cisco IOS-XE routers, the IP address of the egress interface is used to match the PSK and authenticate the…
ASA dual ISP backup VPN
This post covers the configuration of a policy-based Site-to-Site VPN on a single Cisco ASA Firewall (or HA failover pair) with dual internet connections on the head-end ASA. Topology The…
ASA VPN preempt
ASA VPN preempt The Cisco ASA supports multi-peer VPN, useful when an organisation requires a primary and backup VPN tunnel. When the ASA detects the VPN to the primary peer…
ASA IKEV2 Policy Based VPN
ASA IKEV2 Policy Based VPN A VPN will be setup between the 2 Cisco ASA firewalls (ASAv-1 and ASAv-2). The 2 routers (R1 and R2) will act as hosts in…
ASA Dynamic VTI
Cisco Secure Firewall ASA version 9.19 introduces the Dynamic Virtual Tunnel Interfaces (DVTI) route-based VPN, which is an alternative to a policy-based VPN (crypto map). VTI is always up, unlike…
ASA tunnel internet over VPN
ASA tunnel internet over VPN In some circumstances organisations require routing internet traffic over an IPSec VPN back to the Data Centre and then access the internet from the Data…