I'm after some advice on the attached setup and wondering about the ASA order of Operations here along with PBR/Encryption. I'm comfortable with the VPN itself and PBR etc. This is more to see if anyone has a better understanding of how the PBR and Crypto work together.
I have ASA with 3 interfaces, Server hanging off Interface 3. Two goals I am looking to achieve are on there.
I know I can create a PBR and attach to Interface 3 which will achieve the 2 routing goals however I am not sure if when my PBR sends traffic to a next hop out Interface 2 that it be encrypted.
My understanding is the following -
PBR will be matching on real IP address of server (192.168.10.10).
Encryption domain will match my NAT'd address of 10.99.0.10
What I am not sure of is will my server still match the encryption domain when PBR'd out the interface with the cryptomap attached or does the use of a PBR cause it to bypass the crypto somehow?
In an ideal world I would use route based VPN but not possible for this one.
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the SecureX regio...
More people are working remotely, and this increases the risk of security breaches and the difficulty in defending remote workers where they work and securing the devices they use.
Learn about Cisco Remote Secure Worker solutions that verify workers, secu...
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the Secur...
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distr...