Edit an Existing CDO Site-To-Site VPN
The advanced configuration wizard is used by default to modify an existing site-to-site VPN configuration.
- On the navigation bar, choose VPN > Site-to-Site VPN.
- Select the desired site-to-site VPN tunnel that you want to edit.
- In the Actions pane, click Edit.
Note:
Alternatively, you can perform the following to edit the configuration:- Open the VPN page and click Global View button in the filter panel (for more information, see Global View).
The illustration of all site-to-site VPN tunnels available across all devices appears.
To edit the configuration, one of the peers must be FTD. - Select a device by clicking the box.
- Click View details to view its peers.
- Click the peer device to view the tunnel details.
You can view the tunnel details, NAT information, and key exchange information pertaining to the device.
- Click Edit in Tunnel Details.
- Open the VPN page and click Global View button in the filter panel (for more information, see Global View).
- In the Peer Devices section, you can modify the following device configurations: Configuration Name, VPN Access Interface, and Protected Networks.
Note: You cannot change the participating devices. - In the IKE Settings section, you can modify the following IKEv2 policies configurations:
- Click the blue plus
button for the respective device and select new IKEv2 policies. To delete an existing IKEv2 Policy, hover-over the selected policy and click the x icon.
- Modify the Pre-Shared Key for the participating devices. If the pre-shared keys are different for endpoint devices, click the blue settings
button and enter the appropriate pre-shared keys for the devices.
- Click Next.
- Click the blue plus
- In the IPSec Settings section, you can modify the following IPSec configurations:
- Click the blue plus
button to select new IKEv2 proposals. To delete an existing IKEv2 Proposal, hover-over the selected proposal and click the x icon.
- Choose the Diffie-Hellman Group for Perfect Forward Secrecy.
- Click Edit VPN, and then Finish.
- Click the blue plus
The Point to point VPN is modified and updated with all the changes you have made.
Delete an Existing CDO Site-To-Site VPN
- On the navigation bar, choose VPN.
- Select the desired site-to-site VPN tunnel that you want to delete.
- In the Actions pane, click Delete.
The selected VPN tunnel is deleted.