Re: [c-nsp] Cisco ASA 5512x VPN to Cradlepoint

[Erik Sundberg]

Here's two Cisco docs on this one is ikev1 and the other is ikev2


https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119007-config-asa9x-ike-ipsec-00.html


https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118652-configure-asa-00.html


 Just match the phase 1 and phase 2 crypto settings between the two.




From: cisco-nsp  on behalf of Garrett 
Skjelstad 
Sent: Wednesday, December 19, 2018 10:27:08 AM
To: Lee Starnes
Cc: cisco-nsp NSP
Subject: Re: [c-nsp] Cisco ASA 5512x VPN to Cradlepoint

Certificates or PSK?

On Tue, Dec 18, 2018, 10:48 Lee Starnes  Hello All,
>
> Does anyone have any good links on how to best setup an IPSec VPN tunnel
> from an ASA to a Cradlepoint that is on an LTE connection with a Dynamic
> IP? I have all the configuration for the Cradlepoint side done, but having
> difficulty with the ASA side since the cradlepoint is on an Dynamic IP.
>
> Best Regards,
>
> Lee
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] Dual Homed Site with L2 Backup

[Arie Vayner]

Vxlan is the future... 😉
Be very careful with the mtu implications.

Tnx, Arie

On Sat, Dec 22, 2018, 03:25 Richard Clayton  Hi Guys
>
> Scenario
>
> Customer has dual homed geographically seperated site into mpls wan.  They
> also have a single layer 2 circuit running between the two.  The
> requirement is to backup the layer 2 over the wan circuits.  The wan
> hardware at both sites is cisco 4k ios xe.
>
> I'm interested to know how you guys would achieve this.  I've had the
> luxury of 4 days in the lab testing VXLAN, OTV and L2TPV3 xconnect between
> the two 4k routers, also did JDSU throughout testing over the tunnel, was
> quite interesting.
> ___
> cisco-nsp mailing list  cisco-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

[c-nsp] Dual Homed Site with L2 Backup

[Richard Clayton]

Hi Guys

Scenario

Customer has dual homed geographically seperated site into mpls wan.  They
also have a single layer 2 circuit running between the two.  The
requirement is to backup the layer 2 over the wan circuits.  The wan
hardware at both sites is cisco 4k ios xe.

I'm interested to know how you guys would achieve this.  I've had the
luxury of 4 days in the lab testing VXLAN, OTV and L2TPV3 xconnect between
the two 4k routers, also did JDSU throughout testing over the tunnel, was
quite interesting.
___
cisco-nsp mailing list  cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/