B-19
User Guide for CiscoSecurity Manager3.0.1
OL-8214-02
AppendixB Site-to-Site VPN User Interface Reference Create VPN Wizard
Connection Type Note This element is only available in a hub-and-spoke VPN
topology, if the hub is an ASA or PIX 7.0 device and the
selected technology is regular IPSec.
To configure the ASA hub during an SA negotiation, select one of
the following connection types:
•Answer Only—Toconfigure the hub to only respond to an SA
negotiation, but not initiate it.
•Originate Only—To configure the hub to only initiate an SA
negotiation, but not respond to one.
•Bidirectional—To configure the hub to both initiate and
respond to an SA negotiation.
Peer IP Address To define the IP address of the VPN interface of the peer device,
click one of the following radio buttons:
•VPN Interface IP Address—Touse the configured IP address
on the selected VPN interface. Only one VPN interface can
match the interface role.
•IP Address forIPSec Termination—To enter manually the IP
address of the peer device. Enter the IP address in the field
provided. Only one VPN interface can match the interface role.
•IP Address of Another Existing Interface to be Used as
Local Address (unavailable if IPSec technology is
DMVPN)—Touse the configured IP address on any interface as
a local address, not necessarily a VPN interface. Enter the
interface in the field provided.
You can choose the required interface by clickingSelect. A
dialog box opens that lists all available predefined interface
roles, and in which you can create an interface role object. For
more information, see Interface Roles Page, pageC-126.
TableB-7 Edit Endpoints Dialog Box >VPN Interface Tab (continued)
Element Description