Site-to-Site VPN
ASA Feature |
Threat Defense Feature in Secure Firewall Management Center |
Notes |
---|---|---|
LAN-to-LAN IPsec |
Policy-based VPN UI path: Devices > Site To Site > Policy Based (Crypto Map). See: Configure a Policy-based Site-to-Site VPN. How-To: Configure a Policy-based Site-to-Site VPN, Customize IKE Options for an Existing Site-to-Site VPN Deployment, Customize IPsec Options for an Existing Site-to-Site VPN Deployment, Customize Advanced Settings for an Existing Site-to-Site VPN Deployment |
The management centerprovides a single wizard to configure VPN on the peers. |
Virtual Tunnel Interface (VTI) |
Route-based VPN UI path: Devices > Site To Site > Route Based (VTI). See: Create a Route-based Site-to-Site VPN. How-To: Create a route-based VPN (VTI), Configure a Static Route for VTI, Configure BGP routing for VTI, Configure an access control rule to allow encrypted traffic over VTI |
Creating a VPN between a hub with a dynamic VTI and spokes with static VTIs is much easier in management center using the wizard. There is no wizard in ASDM. |
Umbrella SASE |
Deploy a SASE Tunnel on Umbrella UI path: Devices > VPN > Site To Site > +SASE Topology. |
|
Monitor Site-to-Site VPN |
Monitor the Site-to-Site VPN UI path: Overview > Dashboards > Site to Site VPN. |