Edit an Existing Security Cloud Control Site-To-Site VPN

The advanced configuration wizard is used by default to modify an existing site-to-site VPN configuration.

Procedure


Step 1

In the left pane, choose Secure Connections > Site to Site VPN > ASA & FDM.

Step 2

Select the desired site-to-site VPN tunnel that you want to edit.

Step 3

In the Actions pane, click Edit.

Note

Alternatively, you can perform the following to edit the configuration:

  1. Open the VPN page and click Global View button in the filter panel (for more information, see Global View).

    The illustration of all site-to-site VPN tunnels available across all devices appears.

    To edit the configuration, one of the peers must be FDM-managed device.

  2. Select a device by clicking the box.

  3. Click View details to view its peers.

  4. Click the peer device to view the tunnel details.

    You can view the tunnel details, NAT information, and key exchange information pertaining to the device.

  5. Click Edit in Tunnel Details.

Step 4

In the Peer Devices section, you can modify the following device configurations: Configuration Name, VPN Access Interface, and Protected Networks.

Note

You cannot change the participating devices.

Step 5

In the IKE Settings section, you can modify the following IKEv2 policies configurations:

  1. Click the blue plus button for the respective device and select new IKEv2 policies. To delete an existing IKEv2 Policy, hover-over the selected policy and click the x icon.

  2. Modify the Pre-Shared Key for the participating devices. If the pre-shared keys are different for endpoint devices, click the blue settings button and enter the appropriate pre-shared keys for the devices.

  3. Click Next.

Step 6

In the IPSec Settings section, you can modify the following IPSec configurations:

  1. Click the blue plus button to select new IKEv2 proposals. To delete an existing IKEv2 Proposal, hover-over the selected proposal and click the x icon.

  2. Choose the Diffie-Hellman Group for Perfect Forward Secrecy.

  3. Click Edit VPN, and then Finish.


The Point to point VPN is modified and updated with all the changes you have made.