Cisco ASA 5505 Getting Started Manual page 94

Implementing the Site-to-Site Scenario
Providing Information About the Remote VPN Peer
Note
Step 1
Step 2
Cisco ASA 5505 Getting Started Guide
8-6
The VPN peer is the system on the other end of the connection that you are
configuring, usually at a remote site.
In this scenario, the remote VPN peer is referred to as Security Appliance 2.
In Step 2 of the VPN Wizard, perform the following steps:
Enter the remote Peer IP Address (209.165.200.236) and a Tunnel Group Name
(for example, "Cisco").
Specify the type of authentication that you want to use by selecting one of the
following authentication methods:
To use a static preshared key for authentication, click the Pre-Shared Key
•
radio button and enter a preshared key (for example, "Cisco"). This key is
used for IPSec negotiations between the adaptive security appliances.
For site-to-site connections with pre-shared key authentication such
Note
as this scenario, the tunnel group name must be the same as either the
IP address of the peer or the peer hostname, whichever is used as the
peer identity.
To use digital certificates for authentication, click the Certificate radio
•
button, choose the certificate signing algorithm from the Certificate Signing
Algorithm drop-down list, and then choose a preconfigured trustpoint name
from the Trustpoint Name drop-down list.
If you want to use digital certificates for authentication but have not yet
configured a trustpoint name, you can continue with the Wizard by using one
of the other two options. You can revise the authentication configuration later
using the same ASDM screens.
Click the Challenge/Response Authentication radio button to use that
•
method of authentication.
Chapter 8 Scenario: Site-to-Site VPN Configuration
78-17612-02