I have 2 asa 5510's that are in 2 different sites. I need to know how to get a persistent connection between the 2 sites. I have used the VPN wizard without success.
I'm by no way proficient with cisco so please be nice with any response about needing more info, I'll get what I can if you ask.
Assuming you have the right encryption (DEs and/or 3DES etc) this should work for you.
Assuming ASA 1 uses external ip of 1.1.1.1 and internal of 11.11.11.11/24 Assuming ASA 2 uses external ip of 2.2.2.2 and internal of 22.22.22.22/24 Assuming pre shared key 3DES and MD5
Setup a set of addresses which should not be NAT'd and hence traverse the VPN ASA 1 access-list donotnat extended permit ip 11.11.11.0 255.255.255.0 22.22.22.0
Add crypto maps for other end ASA 1 crypto map newmap 10 match address vpn1 crypto map newmap 10 set peer 2.2.2.2 crypto map newmap 10 set transform-set strong
ASA 1 crypto map newmap 10 match address vpn1 crypto map newmap 10 set peer 1.1.1.1 crypto map newmap 10 set transform-set strong
That should about do it
Also remember debug crypto isakmp etc. Very useful to see what is happening.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.