Has anyone had issues where guest users would come into your company network to VPN out to their own company network but is not able because the return traffic back to that user comes back as ESP instead of IP?
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(8) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(85) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(2) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,521) -
Cisco Bugs
(31) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(140) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(5) -
Cisco Secure Firewall Management Center (FMC)
(29) -
Cisco Secure Firewall Threat Defense (FTD)
(41) -
Cisco Security Cloud Control
(2) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(17) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(42) -
Cloud
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(31) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(13) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(258) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(26) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(3) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,570) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(321) -
MPLS
(1) -
Multicloud Defense
(2) -
Network Management
(90) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,557) -
NGIPS
(1,872) -
Online Tools and Resources
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(4) -
Other Firewalls
(1) -
Other NAC
(18) -
Other Network
(1) -
Other Network Security Topics
(10,770) -
Other Networking
(8) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(11) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(20) -
Policy and Access
(2) -
Prioritization
(2) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(7) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(3) -
Security Management
(627) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(4) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(24) -
VPN and AnyConnect
(1) -
Vulnerability Management
(41) -
WAN
(7) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Hi, one of inside user are not able to connect with servers through remote VPN. And when I use clear xlate command then it works but after some time same issue happens. After inspection the logs then I found the following error.regular translation cr...
At first i configure my asa 5520 8.0 to vpn with 3des encryption but now i want aes encryptionWhen i set new crypto isakmp policy & transform-set it's not working and i see in debug this:IKEv1]: Group = x.x.x.x, IP = x.x.x.x, QM FSM error (P2 struct ...
Hi I have a Cisco ASA 5540 that I have numerous lan-to-lan VPN's. According to one of our IT analysts, they primarily use the tunnel from midnight to 7am. Outside of that time frame they say the tunnel goes down. Should I increase the timeout on my s...
Since the performance of a given physical firewall between an active active pair can vary dramatically depending where the two contexts are, what might be some general approaches regarding monitoring (HPOV or MARS or SYSLOG) and properly detecting da...
Hi all - I was hoping to get a few experienced eyes on my config. I am having problems connecting to the internet from the internal vlans. Any ideas?Also, I am trying to setup dhcp on both vlan2 (private) and vlan3 (guest) however only the vlan2 (...
Dear sir,We have cisco asa5520 firewall and we have two different isp links now we want to maintain two different networks through this firewall(we want to use two separate gateways through this )Is it possible to do like this.
Hi,I have two Cisco ASA 5520 having VPN plus license, currently we are using only one and other one is kept as ideal.I want to configure Active/Standby failover by using this two. I have checked in ASA it showing I have license for Active /Active fai...
Resolved! Advice on a second VPN to a DMZ
I was to follow this cisco example of configuring a Lan-to-Lan VPN:hostname(config)# interface ethernet0hostname(config-if)# ip address 10.10.4.100 255.255.0.0hostname(config-if)# no shutdownhostname(config)# isakmp policy 1 authentication pre-shareh...
I have a single net static for 120 dmz servers with no max_conns or em_limit set.Can anyone confirm whether values I set on the net static will apply to each host, or to the combined traffic for all hosts? I plan to replace with separate statics for ...
Hi,We have a server in Inside interface it should be accessed for Lan-to-Lan Vpn users not DMZ we are using ASA 5505
Hi!Can anybody give me the config to allow clients coming from dmz 192.168.22.0 access my terminal server (192.168.2.2) through inside 192.168.2.3 interface of pix and dmz to my isp router (public IP)through the outside interface (public ip) of pix.I...
I have three questions regarding auth-proxyone: (using a 1721 running 12.4 IOS)using local auth-proxy(which i have verified works), is there any way to define which dynamic ACL is applied, rather then a simple permit any? I know how to do this using...
The issue the customer is seeing is that he did an SNMPWALK on the VPN that has been working for some time ok but after the snmpwalk command was done the VPN needed rebooting and upon boot up came up with the following error : ...Invalid checksum for...
hey people, help with this FWSM module,again! traffic is not passing trough firewall. i configure 'access-list 100 extended permit ip any any" and apply to the inside interface. and when i ping outside world i can see that packets hit inbound access-...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 08-26-2025 09:16 AM | ||
| 07-16-2025 04:21 AM | ||
| 07-06-2025 01:40 PM | ||
| 07-04-2025 01:59 AM | ||
| 06-19-2025 07:32 AM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 8 | |
| 8 | |
| 7 | |
| 1 | |
| 1 |
