Skip to main content

 

 

Cisco Defense Orchestrator

Edit an Existing CDO Site-To-Site VPN

This article describes the steps for editing and removing an existing site-to-site VPN.

The advanced configuration wizard is used by default to modify an existing site-to-site VPN configuration.

  1. On the navigation bar, choose VPN.
  2. Select the desired site-to-site VPN tunnel that you want to edit.
  3. In the Actions pane, click Edit.
  4. In the Peer Devices section, you can modify the following device configurations: Configuration Name, VPN Access Interface, and Protected Networks.
    Note: You cannot change the participating devices.
  5. In the IKE Settings section, you can modify the following IKEv2 policies configurations:
    1. Click the blue plus blue_cross_button.png button for the respective device and select new IKEv2 policies. To delete an existing IKEv2 Policy, hover-over the selected policy and click the x icon.
    2. Modify the Pre-Shared Key for the participating devices. If the pre-shared keys are different for endpoint devices, click the blue settings blue_gear_settings.jpg button and enter the appropriate pre-shared keys for the devices.
    3. Click Next.
  6. In the IPSec Settings section, you can modify the following IPSec configurations:
    1. Click the blue plus blue_cross_button.png button to select new IKEv2 proposals. To delete an existing IKEv2 Proposal, hover-over the selected proposal and click the x icon.
    2. Choose the Diffie-Hellman Group for Perfect Forward Secrecy.
    3. Click Edit VPN, and then Finish.

The Point to point VPN is modified and updated with all the changes you have made.

Delete an Existing CDO Site-To-Site VPN

  1. On the navigation bar, choose VPN.
  2. Select the desired site-to-site VPN tunnel that you want to delete.
  3. In the Actions pane, click Delete.

The selected VPN tunnel is deleted. 

  • Was this article helpful?