I am trying to find a way to model the VPN tunnels for the Cisco ASA firewalls in Spectrum IM for my remote sites. I initially tried to use the Enterprise VPN Manager, but discovered that none of the firewalls were modeled. Upon further investigation I found that the VPN Manager uses BGP. When looking to change the routing protocol of the ASAs it was apparent that they don't support BGP, only OSPF. If I look at the modeled ASA devices interface page I only see the physical interfaces, no virtual interfaces appear, so there is no way that I know to manually model the connections. When questioning my CA sales/technical team about how to perform this task they pointed my to a 3rd party vendor (Packet Design) who sells a product (Route Explorer) that can model OSPF VPN tunnels and integrates with Spectrum IM. This product has a substantial price tag on it, so it is not an option at this time. I am looking to implement Spectrum Service Assurance at this time but with being able to show the remote site links accurately Spectrums fail isolation falls apart, thus adding additional challenges.
We can't be the first organization that uses Cisco ASA and Spectrum that has come up against this issue.
Any suggestions would be greatly appreciated.