(Note: This message was posted as part of the "Ask the Expert" Event on configuring Cisco IPSec VPNs that took place December 11 - December 21. Feel free to respond to or form discussions around this question.)
Design question - I have three 3005s. The 'hub' site is connected in parallel to the PIX. (Outside int on the outside segment, inside int on the inside network, my preferred way to connect them.) The two remote sites only have an internet router directly connected to the inside network. Can I connect both the inside and outside interfaces onto the inside network (same subnet)? One site is using public address space on the inside network. That may work, I haven't connected that site yet. The other site is using private IP space on the inside and the internet router is NATing the inside addresses to the public address being used on the Dialer (ISDN) interface using overload. This is the site I am currently having problems with. Should this work if I add a static NAT statement for the 3005 outside interface? Should/Could I use a secondary network on the router to talk to the outside interface of the 3005 on a different subnet? (The internet router is a 1600 that belongs to the ISP or maybe I could terminate the tunnel on the router?) Any suggestions/comments? Thanks!
Please note that the minimum cryptography settings in AnyConnect 4.9 have been increased. Please ensure that your head-end is properly configured for the more stringent cryptography settings (if applicable) or users will be unable to connect after updatin...
In this guide will we be taking a look at how to configure the web.config file using the URL Rewrite tool when deploying the TETRA update server. This guide is meant as a companion to the existing guides and to help fill in some in...
Note: This guide is provided as a best effort to better help users understand the potential impact running multiple clients with TETRA, SPERO, ETHOS, DFC and SHA256 Lookups enabled and their bandwidth usage. The sizes in these guides are s...
When I log into my application, I'm suddenly asked to create a new organization. Did something change or migrate? I already had an organization.
You may be starting from security.cisco.com and mistakenly clicking "SecureX sign-on...
I followed these instructions and setup all my accounts to use SecureX sign-on, including my AMP account (my Cisco Security Account - CSA). When I use SecureX, and I click on the AMP "launch" button, I have to login again. Why?