Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi experts,I have an issue and i am establishing a S2S VPN between 2 routers with ASA in between them . There is no NAT configuration done on any of the routers however NAT is applied on the ASA .There is "no nat-control " on ASA in addition to the b...
Hi halijenn / kusankar / MagnusI have a query related to ASA 5505 Packet flow . I was encountering an issue the other day and below is the topology .Though the issue has been resolved i want to know the exact packet flow as to when the ASA will behav...
Hi halijenn / expertsI have a query regarding ASA Remote access VPN and want to know as to why ASA is facilitated to configure the IP pools one under tunnel-groups and one under group-policy.Is there any circumstance when one will override the other ...
Hi halijenn / kusankar / NT ,I am having an issue in which customer is having ASA 5520 firewall pair (active , standby) , 8.0.3 Code running in mutiple context mode and having VPN Premium license.There are huge no. of context (approx 14) configured o...
Hi halijenn / expertsWhat will happen if on the outside of ASA , Proxy ARP is disabled .I know that with the Static and Global configured , the firewall will Proxy ARP (with its own MAC on behalf of Inside Public servers ) when a packet is coming fro...
hi halijennmy issue is not NATTING , i have already understood the concept of NO NAT with ACL and that it is required to be there in ASA from Public of R1 to R2 , my issue is what exactly is the role "crypto ipsec nat-transparency udp-encapsulation ...
hi halijennthanks for the reply . If R1 and R2 is running on public ip address, why would we even require to configure NAT exemption (NONAT) in the ASA between R1 and R2 public IP ? i have understood everything except one .In the practical scenario (...
Hi halijenn / NTthanks for looking into this .In the output of "sh cry isa sa " , i get MM_NO_STATE . i have already tried enabling inspect ipsec-pass-thru in ASA ; however no success .In addition to that i thought that the traffic from R1 to R2 wil...
