Cisco Cisco ASA 5585-X Adaptive Security Appliance Guía Para Resolver Problemas
FlexVPN Between a Router and an ASA with Next
Generation Encryption Configuration Example
Generation Encryption Configuration Example
Document ID: 116008
Contributed by Graham Bartlett, Cisco TAC Engineer.
Mar 26, 2013
Mar 26, 2013
Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Dynamically Create IPSec Security Associations
Certificate Authority
Configuration
Steps Required to Enable the Router to use the ECDSA
Certificate Authority
FlexVPN
ASA
Configuration
FlexVPN
ASA
Connection Verification
Related Information
Prerequisites
Requirements
Components Used
Conventions
Dynamically Create IPSec Security Associations
Certificate Authority
Configuration
Steps Required to Enable the Router to use the ECDSA
Certificate Authority
FlexVPN
ASA
Configuration
FlexVPN
ASA
Connection Verification
Related Information
Introduction
This document describes how to configure a VPN between a router with FlexVPN and an Adaptive Security
Appliance (ASA) that supports the Cisco Next Generation Encryption (NGE) algorithms.
Appliance (ASA) that supports the Cisco Next Generation Encryption (NGE) algorithms.
Prerequisites
Requirements
Cisco recommends that you have knowledge of these topics:
FlexVPN
•
Internet Key Exchange version 2 (IKEv2)
•
IPSec
•
ASA
•
Next Generation Cryptography
•
Components Used
The information in this document is based on these software and hardware versions:
Hardware: IOS Generation 2 (G2) Router that runs the security license.
•
Software: Cisco IOS® Software Release Version 15.2−3.T2. Any release of M or T for releases later
than Cisco IOS® Software Release Version 15.1.2T can be used because this is included with the
than Cisco IOS® Software Release Version 15.1.2T can be used because this is included with the
•