Changing endpoint IP for L2L VPN - ASA 5510

Need to change an endpoint IP for existing site-to-site VPN, was wondering if it is as simple as it sounds by going through the CLI or ASDM and swapping out existing IP with new or if there is more heavy lifting involved.  Sanitized config below.  

crypto map 10MB_map 80 set peer (peer IP address)
crypto map 10MB_map 80 set transform-set ESP-3DES-MD5
crypto map 10MB_map 80 set security-association lifetime seconds 28800
crypto map 10MB_map 80 set security-association lifetime kilobytes 4608000
tunnel-group (peer IP address) type ipsec-l2l
tunnel-group (peer IP address) ipsec-attributes
 pre-shared-key *

If anyone has the CLI syntax that is best for testing and diagnostics on the new tunnel after IP change that would be appreciated also.


Who is Participating?
Pete LongTechnical ConsultantCommented:
You have already narrowed in on what needs to change :)
I wrote an article  a while back on how to do this...............

Cisco ASA - Changing VPN IP Addresses

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.