December 1, 2022

Route Based Site-to-Site VPN Support for ASA

Using Cisco Defense Orchestrator, you can now create a site-to-site VPN tunnel between peers with Virtual Tunnel Interfaces configured. This supports route based VPN with IPsec profiles attached to the end of each tunnel. Any traffic routed into the IPSec tunnel is encrypted regardless of the source/destination subnet.

VTI-based VPNs can be created between:

• A CDO-managed ASA and any route-based VPN-capable device.

• Two CDO-managed ASAs.

See Site-to-Site Virtual Private Network for more information.

Global Search

The global search feature in CDO allows you to search for and navigate to devices managed by CDO. This feature now supports the search capability for devices that are managed in Cloud-delivered Firewall Management Center from the CDO user interface. From the search results, you can navigate to the corresponding pages in Cloud-delivered Firewall Management Center.

See Global Search for more information.