Hi all
Can someone help me solve my issue of phase 1 not coming up? It is between two Cisco ASA but i don't manage the other end. It has worked for a long time then suddenly one day it stopped working and no changes from both sides, so i assume tha...
Hi
How can i permit ping between two hosts on a different subinterface using the same physical interface on cisco ASA? It is also using the same ACL.
FW/pri/act# sh ipSystem IP Addresses:Interface Name IP address Subnet mask Method GigabitEtherne...
Hi
Please help on what's the best conversion method for the 8.2 configuration below. This is for VPN traffic.
8.2 config:
access-list crypto_Eclipx extended permit ip 10.164.61.0 255.255.255.128 host 10.88.64.31
nat(inside) 0 nonat
access-lis...
Hello
I'm really confused right now, as a background, i need to do a dynamic pat from network with security level 95 to network with security level 100 as seen below.
FW/sec/act# sh run all nat-controlno nat-control
interface GigabitEthernet0/3...
Sorry for my noob question, i have a config below from 8.2
access-list NO-NAT extended permit ip 10.0.0.0 255.0.0.0 10.172.8.224 255.255.255.224
nat (inside) 0 access-list NO-NAT
FW# packet-tracer input inside tcp 10.3.3.3 443 10.172.8.224 $...
Hi PatrickCan you help me with this? There are no mismatch on both sides as confirmed. This has been working for a long time then suddenly the phase 1 tunnel is not going upMar 05 02:38:05 [IKEv1 DEBUG]: IP = 3.3.3.3, constructing ISAKMP SA payloadMa...
@Francesco Molino
Yes, 10.88.64.31 is on the outside.
I'm curious why option 2 will not work?
This is my first time to migrate config from 8.2 to 8.4. So option 1 nat statements will both appear on the packet tracer result?