Now that we have finished phase 1, it is time to look at phase 2.
In phase 2 we will configure a site-to-site VPN tunnel through the ASDM wizard. I know it is better by CLI, but I am new to site-to-site VPN, and before you can understand the concept you need to start with the easy way. In phase 3 we will manually configure an IPsec site-to-site tunnel and give tips about what is required to be the same on both sides and what can be different.
Step 1: Create the local and remote subnets on both ASAs
Config ASA1:
object network Local_Networks_VPN_To_Amsterdam
 subnet 192.168.12.0 255.255.255.0
object network Remote_Networks_VPN_To_Heerlen
 subnet 172.16.24.0 255.255.255.0
Config ASA2:
object network Local_Networks_VPN_To_Amsterdam
 subnet 172.16.24.0 255.255.255.0
object network Remote_Networks_VPN_To_Heerlen
 subnet 192.168.12.0 255.255.255.0
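Each ASA's local subnet has to be the other ASA's remote subnet, so the Step 1 objects can be checked mechanically before the tunnel is built. The Python sketch below is an added example, not part of the original guide; it assumes the objects keep the Local_ and Remote_ name prefixes used above, and its function names are hypothetical.

```python
import ipaddress
import re

# Step 1 object definitions from this page, embedded as sample input.
ASA1 = """\
object network Local_Networks_VPN_To_Amsterdam
 subnet 192.168.12.0 255.255.255.0
object network Remote_Networks_VPN_To_Heerlen
 subnet 172.16.24.0 255.255.255.0
"""
ASA2 = """\
object network Local_Networks_VPN_To_Amsterdam
 subnet 172.16.24.0 255.255.255.0
object network Remote_Networks_VPN_To_Heerlen
 subnet 192.168.12.0 255.255.255.0
"""

OBJ = re.compile(r"^object network (\S+)\s*$")
SUB = re.compile(r"^\s*subnet (\S+) (\S+)\s*$")

def parse_objects(config):
    """Return {object_name: IPv4Network} for every 'object network' with a subnet."""
    objects, current = {}, None
    for line in config.splitlines():
        m = OBJ.match(line)
        if m:
            current = m.group(1)
            continue
        m = SUB.match(line)
        if m and current:
            # ip_network() is strict by default: a subnet with host bits set raises ValueError.
            objects[current] = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
    return objects

def sides(objects):
    """Split networks into (local, remote) sets by name prefix (assumed convention)."""
    local = {net for name, net in objects.items() if name.startswith("Local_")}
    remote = {net for name, net in objects.items() if name.startswith("Remote_")}
    return local, remote

def check_mirror(cfg_a, cfg_b):
    """Return a list of mismatches; an empty list means the two sides mirror each other."""
    (la, ra), (lb, rb) = sides(parse_objects(cfg_a)), sides(parse_objects(cfg_b))
    problems = []
    if la != rb:
        problems.append(f"A local {sorted(map(str, la))} != B remote {sorted(map(str, rb))}")
    if lb != ra:
        problems.append(f"B local {sorted(map(str, lb))} != A remote {sorted(map(str, ra))}")
    return problems

if __name__ == "__main__":
    print(check_mirror(ASA1, ASA2) or "local/remote subnets mirror each other")
```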
Step 2: Configure the IPsec tunnel between ASA1 and ASA2.
Look at this document for a step-by-step guide on how it is created.
Step 3: Start a ping from site A to site B
Very important!
This is required. If no traffic is sent, the tunnel will stay down.
Why would something need to be up when there is no traffic for the remote site?
Step 3 is also included in the guide for step 2.