Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
749
Views
0
Helpful
1
Replies

Firepower 2110 Hub and Spoke Topology with different preshared keys

Go to solution
lsalazarv44
Level 1
Level 1

‎01-26-2018 07:50 AM - edited ‎03-12-2019 04:57 AM

Hello !!

I need to simulate a Hub and Spoke topology with several Point to Point topology VPNs using a Firepower 2110 as the Hub. The reason is the spokes must use their own particular preshared keys and IKE & IPsec policies. Is it possible to have Spoke to Spoke traffic ????

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-26-2018 08:44 AM - edited ‎01-26-2018 08:53 AM

Not by default. That is, it is possible only if you explicitly allow it.

 

The traffic would have to traverse the hub and be allowed by the crypto maps (and NAT-exempted) at the hub, spoke 1 and spoke 2.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-26-2018 08:44 AM - edited ‎01-26-2018 08:53 AM

Not by default. That is, it is possible only if you explicitly allow it.

 

The traffic would have to traverse the hub and be allowed by the crypto maps (and NAT-exempted) at the hub, spoke 1 and spoke 2.

0 Helpful
Customers Also Viewed These Support Documents