CISCO ASA FIREWALL
SITE-TO-SITE VPN CONFIGURATION
Client’s end Information:
Public IP: clients’ needs to provide
Remote Subnet: clients’ needs to provide
Pre-shared key: clients’ needs to provide
dinCloud Information:
Public IP:
Remote Subnet:
Pre-shared key: (anything clients sets on his end)
Phase 1 (IKE Policy):
Lifetime 28800
DH-Group 5
You can choose either IKE policy settings for phase 1 from the below.
IKE-AES-128-SHA
IKE-AES-128-MD5
IKE-AES-192-SHA
IKE-AES-192-MD5
IKE-AES-256-SHA
IKE-AES-256-MD5
IKE-3DES-SHA
IKE-3DES-MD5
IKE-DES-SHA
IKE-DES-MD5
Phase 2 (ESP Policy):
Compression Disable
Lifetime 3600
Mode Tunnel
You can use either ESP policy settings for phase 2 from the below.
ESP-AES-128-SHA
ESP-AES-128-MD5
ESP-AES-192-SHA
ESP-AES-192-MD5
ESP-AES-256-SHA
ESP-AES-256-MD5
ESP-3DES-SHA
ESP-3DES-MD5
ESP-DES-SHA
ESP-DES-MD5