![]() ![]() Navigate to Objects > Object Management > VPN > IKEv2 Policy. ![]() Make a note of the following algorithms which must match on the peer device. The new for 6.7 IKEv2 Policy AES-GCM-NULL-SHA-LATEST removes depreciated algorithms. Navigate to Objects > Object Management > VPN > IKEv2 IPSec Proposal.We will use the existing default IKEv2 IPSec Proposal, make a note of the algorithms for reference when configuring the peer device. The post covers only the configuration of the Site-to-Site VPN. This post describes the steps to configure a Route-based VPN using a static VTI between an FTD 6.7 managed by an FMC and an ASA 9.14. Prior to this version FTD/FMC only supported policy-based VPNs, which required configuring a crypto map with static access lists. Supported from this version is the long-awaited Virtual Tunnel Interface (VTI) for route-based site-to-site VPNs. In November 2020 Cisco released the Firepower Threat Defence (FTD) and Firepower Management Centre (FMC) version 6.7.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |