By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Inquiry Regarding IKEv2 Support for Site-to-Site VPN Connections on AWS

0

Dear AWS Support Team, I am currently in the process of setting up a VPN tunnel using site-to-site VPN connections on AWS. Specifically, I am interested in utilizing IKEv2 for compatibility with our customer's Cisco ASA 5500 series firewall, which operates on software version 9.x.

As per our understanding, Cisco ASA 9.x.x Firewalls support IKEv2 for establishing VPN connections. However, upon attempting to download the configuration for the aforementioned setup from AWS, I couldn't locate the appropriate configuration files.

Could you kindly confirm whether AWS supports IKEv2 for site-to-site VPN connections, particularly for compatibility with Cisco ASA 5500 series firewalls running on software version 9.x? If so, could you provide guidance on how to obtain the necessary configuration files for this setup?

Your assistance in this matter would be greatly appreciated.

Topics
Networking & Content Delivery
Tags
Amazon VPCVPC Virtual Private GatewayAWS Virtual Private Network (VPN)AWS Client VPN
Language
English
ijaz_ahmed
asked 11 days ago73 views
2 Answers
2
Accepted Answer

Yes, AWS site-to-site VPN supports IKEv2: https://aws.amazon.com/about-aws/whats-new/2019/02/aws-site-to-site-vpn-now-supports-ikev2/

You can download an example configuration from the console by clicking on "Download Configuration" then choosing "Cisco Systems Inc", "ASA 5500 Series", "ASA 9.7+ VTI" and "Ikev2".

profile pictureAWS
EXPERT
Brettski-AWS
answered 11 days ago
profile picture
EXPERT
Osvaldo Marte
reviewed 8 days ago
  • ijaz_ahmed
    3 days ago

    This was really helpful. Thanks @Brettski-AWS

0

Hi,

This post from CIsco may be helpful for your use case: https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/200982-ASA-IPsec-VTI-connection-Amazon-Web-Serv.html

Best,

Didier

profile pictureAWS
EXPERT
Didier_Durand
answered 11 days ago
  • ijaz_ahmed
    11 days ago

    The post you provided talks about ikev1, which is not relevant to my query. please reconsider the query and help me with this. thanks

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content