Cisco Systems ASA 5500 Manual De Usuario

The VPN peer is the system on the other end of the connection that you are 
configuring, usually at a remote site. 

In this scenario, the remote VPN peer is referred to as Security Appliance 2 from 
this point forward. 

In Step 2 of the VPN Wizard, perform the following steps: 

Enter the Peer IP Address (the IP address of Security Appliance 2, in this scenario 
209.165.200.236) and a Tunnel Group Name (for example “Cisco”). 

Specify the type of authentication that you want to use by performing one of the 
following steps: 

To use a static preshared key for authentication, click the Pre-Shared Key 
radio button and enter a preshared key (for example, “Cisco”). This key is 
used for IPSec negotiations between the adaptive security appliances.

When you configure Security Appliance 2 at the remote site, the VPN 
peer is Security Appliance 1. Be sure to enter the same preshared key 
(Cisco) that you use here.

Click the Challenge/Response Authentication radio button to use that 
method of authentication. 

To use digital certificates for authentication, click the Certificate radio 
button, choose the Certificate Signing Algorithm from the drop-down list, 
and then choose a preconfigured trustpoint name from the drop-down list. 

If you want to use digital certificates for authentication but have not yet 
configured a trustpoint name, you can continue with the Wizard by using one 
of the other two options. You can revise the authentication configuration later 
using the standard ASDM screens.