These are example parameters to enter in the Cisco ASA device configuration file to successfully connect to a Skytap WAN endpoint.
Replace [VARIABLES]
with specific values from Skytap or your corporate policy
interface [INTERNAL INTERFACE]
nameif [INSIDE INTERFACE NAME]
security-level [SECURITY LEVEL VALUE]
ip address [CUSTOMER INTERNAL NETWORK]
!
interface [EXTERNAL INTERFACE]
nameif [OUTSIDE INTERFACE NAME]
security-level [SECURITY LEVEL VALUE]
ip address [CUSTOMER VPN ENDPOINT]
access-list [ACL NAME] extended permit ip [INTERNAL ALLOWED IP RANGE] [SKYTAP VM IP RANGE]
crypto ipsec ikev1 transform-set [TRANSFORM SET NAME] esp-aes esp-sha-hmac
crypto map [CRYPTO MAP NAME] [MAP NUMBER] match address [ACL NAME]
crypto map [CRYPTO MAP NAME] [MAP NUMBER] set peer [SKYTAP VPN ENDPOINT]
crypto map [CRYPTO MAP NAME] [MAP NUMBER] set ikev1 transform-set [TRANSFORM SET NAME]
crypto map [CRYPTO MAP NAME] interface [OUTSIDE INTERFACE NAME]
crypto ikev1 enable [OUTSIDE INTERFACE NAME]
crypto ikev1 policy [UNIQUE NUMBER]
authentication pre-share
encryption aes
hash sha
group 2
lifetime 28800
tunnel-group [SKYTAP VPN ENDPOINT] type ipsec-l2l
tunnel-group [SKYTAP VPN ENDPOINT] ipsec-attributes
ikev1 pre-shared-key [SHARED SECRET KEY]
Reference Links:
Skytap VPN Configuration for Cisco ASA: https://help.skytap.com/wan-vpn-configuration-example-ciscoasa.html#SkytapVPNconfiguration
Comments
0 comments
Article is closed for comments.