@jakub-wawrzacz-p1 said in Site-to-Site VPN between Cisco ASA and Meraki MX: The KB I Wish Meraki Had Written:
@networknerd I will check out the blog as well thank you. Btw: just to give you an update, I had to do 2 more things to get a stable tunnel and that is set the 2nd Phase Lifetime to be lower than the Phase 1 and remove other encryption policies on the ASA. For example, I used for Phase One 3DES, SHA, DH Group 2 and Lifetime 86400 and for Phase 2 I used AES192, SHA, PFS Off and Lifetime 28800. On the ASA side, I disabled the IKev2 and for the Encryption Policy I only left enabled what you see above, plus obviously matched the time to 28800. I got stable tunnel then. Before these changes the tunnel kept dropping.
That's great information to have. Thanks for sharing!
