Skip to main content

 

 

Cisco Defense Orchestrator

Edit an Existing CDO Site-To-Site VPN

  1. Last updated
  2. Save as PDF
This article describes the steps for editing and removing an existing site-to-site VPN.

The advanced configuration wizard is used by default to modify an existing site-to-site VPN configuration.

  1. On the navigation bar, choose VPN > Site-to-Site VPN.
  2. Select the desired site-to-site VPN tunnel that you want to edit.
  3. In the Actions pane, click Edit.
    Note:
    Alternatively, you can perform the following to edit the configuration: 
    1. Open the VPN page and click Global View button in the filter panel (for more information, see Global View).
      The illustration of all site-to-site VPN tunnels available across all devices appears. 
      To edit the configuration, one of the peers must be FTD.
    2. Select a device by clicking the box.
    3. Click View details to view its peers.
    4. Click the peer device to view the tunnel details. 
      You can view the tunnel details, NAT information, and key exchange information pertaining to the device. 
      GlobalEditS2S.JPG
    5. Click Edit in Tunnel Details.
  4. In the Peer Devices section, you can modify the following device configurations: Configuration Name, VPN Access Interface, and Protected Networks.
    Note: You cannot change the participating devices.
  5. In the IKE Settings section, you can modify the following IKEv2 policies configurations:
    1. Click the blue plus blue_cross_button.png button for the respective device and select new IKEv2 policies. To delete an existing IKEv2 Policy, hover-over the selected policy and click the x icon.
    2. Modify the Pre-Shared Key for the participating devices. If the pre-shared keys are different for endpoint devices, click the blue settings blue_gear_settings.jpg button and enter the appropriate pre-shared keys for the devices.
    3. Click Next.
  6. In the IPSec Settings section, you can modify the following IPSec configurations:
    1. Click the blue plus blue_cross_button.png button to select new IKEv2 proposals. To delete an existing IKEv2 Proposal, hover-over the selected proposal and click the x icon.
    2. Choose the Diffie-Hellman Group for Perfect Forward Secrecy.
    3. Click Edit VPN, and then Finish.

The Point to point VPN is modified and updated with all the changes you have made.

Delete an Existing CDO Site-To-Site VPN

  1. On the navigation bar, choose VPN.
  2. Select the desired site-to-site VPN tunnel that you want to delete.
  3. In the Actions pane, click Delete.

The selected VPN tunnel is deleted. 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. There are no recommended articles.
  1. Classifications
    This page has no classifications.
  2. Tags
    1. Delete VPN
    2. Edit Site-to-Site