![]() ![]() ![]() Phase-1įor the ASA, the Phase-1 settings correspond to the crypto policy. Of course, theses settings must match on the peer device. You can choose between the “Default” settings, pre-set settings for AWS or Azure, or “custom” settings. When you click on the IPSec policies, a popup appears with the Phase 1 and Phase 2 settings. The WAN IP, the private subnet and the pre-shared key do not need explanation. Here you can give a name, the WAN IP of the VPN peer, the private subnets of the remote site, the IPSec policies for phases 1 and 2 the pre-shared secret key and the “Availability”. ![]() On the Meraki MX, the configuration for “Non-Meraki VPN peers” is under: Security Appliance > Site-to-site VPN > Organization-wide settings > Non-Meraki VPN peers. The tests below have been made with MX version 14.31 (in beta at the time I write this post) and 13.33, the results were the same with both versions. Here are some tips to avoid problems and save you time. This project also includes a migration phase with site-to-site VPN tunnels between Meraki MX and Cisco ASA.Įven if the “Non-Meraki VPN peers” are supported on the Meraki MX, you may have some surprises with the Cisco ASA. As I wrote on my recent post here, I was involved into a project to implement a Meraki MX into the Azure Cloud. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |