Cisco Cisco ASA for Nexus 1000V Series Switch 문제 해결 가이드
Conventions
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Backround information
The site−to−site VPN is working fine between the HQASA and the BQASA. Assume that the BQASA has
got a complete network re−design and the IP schema has been modified at the ISP level, but all the internal
subnetwork details remain the same.
got a complete network re−design and the IP schema has been modified at the ISP level, but all the internal
subnetwork details remain the same.
This sample configuration uses these IP addresses:
Existing BQASA Outside IP address − 200.200.200.200
•
New BQASA Outside IP address − 209.165.201.2
•
Note: Here, only the peer information will be modified. Because there is no other change in internal subnet,
the crypto access−lists remain the same.
the crypto access−lists remain the same.
ASDM Configuration
This section provides information about the possible methods used to change VPN peer information on
HQASA using the ASDM.
HQASA using the ASDM.
Create a New Connection Profile
This can be the easier method because it does not disturb the existing VPN configuration and can create a new
connection profile with the new VPN peer related information.
connection profile with the new VPN peer related information.
Go to Configuration > Site−to−Site VPN > Connection Profiles and click Add under the Connection
Profiles area.
Profiles area.
The Add IPSec Site−to−Site Connection Profile window opens up.
1.
Under the Basic tab, provide the details for Peer IP Address, Pre−shared Key, and Protected
Networks. Use all the same parameters as the existing VPN, except the peer information. Click OK.
Networks. Use all the same parameters as the existing VPN, except the peer information. Click OK.
2.