This problem is due to the presence of Cisco bug ID CSCsb92243.
When the Cisco Adaptive Security Device Manager (ASDM) 5.0(2) is used to configure VPN tunnels on the PIX or Adaptive Security Appliance (ASA), the IPsec rules do not always show up correctly under Configuration > Features > VPN > IPSec > IPSec Rules.
The rules that define the protected tunnel sometimes do not match the access-lists defined in the Command Line Interface (CLI). This is caused by the presence of static policy Network Address Translation (NAT) statements in the configuration. If the IPsec rule is then edited in ASDM, this causes an incorrect rule to be sent to the ASA.
This issue happens when a combination of the ASDM and the CLI is used to configure the rules.
As a workaround, use the CLI in order to manually edit the rules or use only the ASDM. Do not use a combination of both the ASDM and the CLI.
This issue is fixed in ASDM version 5.2, which can be downloaded from Cisco Downloads.
I am trying to gain access to more attributes such as MacOS version since Apple may stop putting the version number in the User Agent field. I have JAMF as an MDM and already use it to validate compliance for VPN clients. I'm wondering if anyone has used ...
Hi there, I have been trying to implement DSCP filtering on a ASA 5506-X, using class maps. But have not been able to get it configured and working. It seems that the commands to do it are there, but looking at general DSCP filtering exam...
Hi Experts,We've Remote access VPN configured on ASA and authenticated by ISE with posture enabled. We've DC1 ASA which is never connected to DC2 ISE node and we'll be testing the failover connectivity. In Posture profile, we've server rules configured to...
Hi , My Question is regarding "Multiple Certificates per Node. One for Each Service" / Certs renewal Our current deployment consist of 6 ISE nodes => 2*PAN (Pri, Sec) , 2*Mnt (Pri, Sec) and 2*PSN (Pri, Sec), and we are using "Single Certifica...
Trying to setup Anyconnect with Azure AD SAML, using this guidehttps://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/215935-configure-asa-anyconnect-vpn-with-micros.html I am able to perform a succesfull single signon ...