Configuring site to site vpn with FTD using FDM

Описание: Configuring Site to site VPN on FTD using FDM Firepower Device Manager.

:::::::::::::::::::::::::::::::::::::::::::::::::

access-list VPN_ACL extended permit ip 172.16.11.0 255.255.255.0 172.16.10.0 255.255.255.0

crypto ipsec ikev2 ipsec-proposal Ipsc-proposal-1
protocol esp encryption aes-gcm-256 aes-gcm-192 aes-gcm
protocol esp integrity null

crypto ipsec security-association pmtu-aging infinite
crypto map CSM_Outside_map 1 match address VPN_ACL
crypto map CSM_Outside_map 1 set peer 192.168.10.15
crypto map CSM_Outside_map 1 set ikev2 ipsec-proposal Ipsc-proposal-1
crypto map CSM_Outside_map 1 set reverse-route
crypto map CSM_Outside_map interface outside

crypto ikev2 policy 10
encryption aes-gcm-256 aes-gcm-192 aes-gcm
integrity null
group 21 20 19 14 5
prf sha512 sha384 sha256 sha
lifetime seconds 86400
crypto ikev2 enable outside

tunnel-group 192.168.10.15 type ipsec-l2l
tunnel-group 192.168.10.15 general-attributes
default-group-policy .DefaultS2SGroupPolicy

tunnel-group 192.168.10.15 ipsec-attributes
ikev2 remote-authentication pre-shared-key cisco123
ikev2 local-authentication pre-shared-key cisco123

Linkedin:   / nandakumar80  


For Latest Update of Cisco FTD
Please check other Cisco Channels
   / @jasonmaynard8773  
   / @cisconetsec