Cisco
This guide will show you how to connect your Cisco device to the GoodAccess Gateway via a site-to-site connection using the IPsec protocol.
Last updated
Was this helpful?
This guide will show you how to connect your Cisco device to the GoodAccess Gateway via a site-to-site connection using the IPsec protocol.
Last updated
Was this helpful?
Click + Add new, enter the Branch name and subnet, and select Gateway.
Choose IPSec Protocol, fill out the Settings configuration form, and click Save.
Log in to your Cisco device, and go to VPN > IPSec Profiles. Click Add to create a new profile.
Give the profile a name and set the configuration as follows:
Keying mode - Auto
IKE Version - IKEv2
Click Apply to confirm your settings.
Go to VPN > Site-to-Site. Click the Add button to create a new connection.
Give the connection a name and set the configuration as follows:
Remote Endpoint - Select Static IP and enter the IP of your GoodAccess Gateway
Local Identifier Type - Local WAN IP
Local Identifier - Your public IP
Local IP Type - Subnet
IP Address - IP of your network
Subnet Mask - Your Subnet Mask
Remote Identifier Type - Remote WAN IP
Remote Identifier - IP of your GoodAccess Gateway
Remote IP Type - Subnet
IP Address - Subnet of your GoodAccess Gateway
Subnet Mask - Subnet Mask of your GoodAccess Gateway
Don't forget to Apply changes.
You have now successfully connected your device to GoodAccess.
Firewall rules
Make sure that your device allows incoming connections from your GoodAccess Gateway private subnet on the following ports:
UDP 500
UDP 4500
Switch to Advanced Setup and enable DPD (Dead Peer Detection).
Click Apply to confirm your settings.
Click on the Red floppy disk icon to access Configuration Management, and click on Apply.
Phase I & II Options - Must match configuration from GoodAccess
IPSec Profile - Select the profile you just created
Pre-shared Key - Shared Secret from GoodAccess