Filter
Top Products
24-36
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 24 Managing Site-to-Site VPNs: The Basics
Creating or Editing VPN Topologies
Field Reference
Table 24-6 Edit Endpoints Dialog Box, VPN Interface Tab
Element Description
Enable the VPN Interface
Changes on All Selected
Peers
Available if you selected more than one device on the Endpoints page
for editing.
When selected, applies any changes you make in the VPN interface tab
to all the selected devices.
VPN Interface The VPN interface defined for the selected device. Enter the name of
the interface role policy object that defines identifies the interface, or
click Select to select it from a list or to create a new interface role
object. (See Creating Interface Role Objects, page 6-68.)
If the device is an ASA 5505 version 7.2(1) or later, it must have two
interfaces defined with different security levels. For more information,
see Managing Device Interfaces, Hardware Ports, and Bridge Groups,
page 45-14.
Connection Type Only available in a hub-and-spoke VPN topology, if the selected device
is an ASA or PIX 7.0+ device, and the selected technology is Regular
IPsec.
Select the type of connection that the hub or spoke will use during an
SA negotiation:
• Answer Only—To configure the hub to only respond to an SA
negotiation, but not initiate it. This is the default for hubs.
• Originate Only—To configure the device to only initiate an SA
negotiation, but not respond to one. This is the default for spokes.
• Bidirectional—To configure the hub or spoke to both initiate and
respond to an SA negotiation.