Hi,
I am trying to setup a tunnel between a firepower and mx84.
I want to use IKEv2
Phase 1 AES 256 -- SHA256 -- DH 14 - 86400
Phase 2 AES256 -- SHA256 -- DH 14 -- 3600
Will the MX84 work with the above?
I have had a quick test but connection wasn't made.
Thank you in advance.
Ash
Solved! Go to solution.
It should have worked. Did you check de Preshared's secret?
It should have worked. Did you check de Preshared's secret?
Try to specify the remote id
So would that be the public or private ip of the firepower?
try the public IP
Yes, the key was correct.
I am going to try again to see if there is anything is missed.
How many networks do you have on each side of the VPN? If more than one, try using IKEv1.
The bulk of the problems stem from having one or both devices behind a NAT which makes the IKE remote ID a problem if you cannot customize it or do it incorrectly.
Also make sure you configure a policy based VPN and not a route based one since Meraki does not support the latter yet.
Thank you, we are going to try it again next Wednesday as it is a live system.
We currently have a tunnel but use IKEv1 and it is a ASA.
Fingers crossed.
Tunnel its up.
I didnt need to add remote peer ID.
Settings i posted all worked.
Thank you all for your replies.
So what was the problem ?
Was it just the Pre-shared key ?