Cisco ASA 5550 Series Getting Started Manual page 94

Implementing the Site-to-Site Scenario
Providing Information About the Remote VPN Peer
Note
Step 1
Step 2
Cisco ASA 5550 Getting Started Guide
8-6
The VPN peer is the system on the other end of the connection that you are
configuring, usually at a remote site.
In this scenario, the remote VPN peer is referred to as Security Appliance 2 from
this point forward.
In Step 2 of the VPN Wizard, perform the following steps:
Enter the Peer IP Address (the IP address of Security Appliance 2, in this scenario
209.165.200.236) and a Tunnel Group Name (for example "Cisco").
Specify the type of authentication that you want to use by performing one of the
following steps:
To use a static preshared key for authentication, click the Pre-Shared Key
•
radio button and enter a preshared key (for example, "Cisco"). This key is
used for IPsec negotiations between the adaptive security appliances.
When you configure Security Appliance 2 at the remote site, the VPN
Note
peer is Security Appliance 1. Be sure to enter the same preshared key
(Cisco) that you use here.
Click the Challenge/Response Authentication radio button to use that
•
method of authentication.
To use digital certificates for authentication, click the Certificate radio
•
button, choose the Certificate Signing Algorithm from the drop-down list,
and then choose a preconfigured trustpoint name from the drop-down list.
If you want to use digital certificates for authentication but have not yet
configured a trustpoint name, you can continue with the Wizard by using one
of the other two options. You can revise the authentication configuration later
using the standard ASDM screens.
Chapter 8 Scenario: Site-to-Site VPN Configuration
78-17644-01