Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About whitemike
06-26-2019
Stats
Member since
06-15-2010
19
Posts
0
Helpful
0
Solutions
Created by
whitemike
in Wireless Security and Network Management
in Wireless Security and Network Management
05-08-2012
08:22 AM
05-08-2012
08:22 AM
Sorry for the late reply Steve. The link you provided was extremely helpful here is what my config looks like now: ersion 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname ap ! enable secret 5 $1$7vHS$YWCMbrlAgDUayKlOHhMlF1 ! ip subnet-zero ip domain name TKGCORP.local ip name-server 192.168.32.71 ! ! aaa new-model ! ! aaa group server radius rad_eap server 192.168.32.71 auth-port 1645 acct-port 1646 ! aaa group server radius rad_mac ! aaa group server radius rad_acct ! aaa group server radius rad_admin ! aaa group server tacacs+ tac_admin ! aaa group server radius rad_pmip ! aaa group server radius dummy ! aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authorization exec default local aaa accounting network acct_methods start-stop group rad_acct aaa session-id common ! dot11 ssid wap_test authentication open eap eap_methods authentication network-eap eap_methods authentication key-management wpa guest-mode infrastructure-ssid optional ! power inline negotiation prestandard source ! ! username Cisco password 7 047802150C2E ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption mode ciphers tkip ! ssid wap_test ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio1 no ip address no ip route-cache shutdown speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface FastEthernet0 no ip address no ip route-cache duplex auto speed auto bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled hold-queue 160 in ! interface BVI1 ip address 192.168.201.9 255.255.255.0 no ip route-cache ! ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius source-interface BVI1 ! radius-server attribute 32 include-in-access-req format %h radius-server host 192.168.32.71 auth-port 1645 acct-port 1646 key 7 071B245F5A radius-server vsa send accounting ! control-plane ! bridge 1 route ip ! ! ! line con 0 line vty 0 4 ! end I get a login screen but it will not let me connect, on my radius server I have it set to allow a group that my username is in. Here are some debugs from when I try to connect to the AP: ap#debug aaa authentication AAA Authentication debugging is on ap# *Mar 2 01:11:53.284: AAA/BIND(00000006): Bind i/f *Mar 2 01:11:53.355: AAA/AUTHEN/PPP (00000006): Pick method list 'eap_methods' *Mar 2 01:11:54.556: %DOT11-7-AUTH_FAILED: Station c0cb.3835.a102 Authentication failed *Mar 2 01:11:55.280: AAA/BIND(00000007): Bind i/f *Mar 2 01:11:55.404: AAA/AUTHEN/PPP (00000007): Pick method list 'eap_methods' *Mar 2 01:11:56.349: AAA/BIND(00000008): Bind i/f *Mar 2 01:11:56.525: AAA/AUTHEN/PPP (00000008): Pick method list 'eap_methods' *Mar 2 01:11:57.300: AAA/BIND(00000009): Bind i/f *Mar 2 01:11:58.070: AAA/BIND(0000000A): Bind i/f *Mar 2 01:11:58.812: AAA/BIND(0000000B): Bind i/f *Mar 2 01:12:15.470: AAA/AUTHEN/PPP (0000000B): Pick method list 'eap_methods' *Mar 2 01:12:15.492: %DOT11-7-AUTH_FAILED: Station c0cb.3835.a102 Authentication failed ap#undebug all All possible debugging has been turned off
... View more
Created by
whitemike
in Wireless Security and Network Management
in Wireless Security and Network Management
05-03-2012
01:26 PM
05-03-2012
01:26 PM
I have a Win2008 server set up as a radius server (192.168.32.71) and a stand alone AP (192.168.201.9) The AP is config is below: version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname ap ! enable secret 5 $1$IdUV$UvE2IJTNzHX6mW6Mmh3At0 ! ip subnet-zero ip domain name TKGCORP.local ip name-server 192.168.32.71 ! ! aaa new-model ! ! aaa group server radius rad_eap ! aaa group server radius rad_mac ! aaa group server radius rad_acct ! aaa group server radius rad_admin ! aaa group server tacacs+ tac_admin ! aaa group server radius rad_pmip ! aaa group server radius dummy ! aaa group server radius rad_eap1 server 192.168.201.9 auth-port 1812 acct-port 1813 ! aaa authentication login eap_methods group rad_eap aaa authentication login mac_methods local aaa authentication login eap_methods1 group rad_eap1 aaa authorization exec default local aaa accounting network acct_methods start-stop group rad_acct aaa session-id common ! dot11 ssid ka_test vlan 201 authentication open eap eap_methods1 authentication network-eap eap_methods1 guest-mode ! power inline negotiation prestandard source ! ! username Cisco password 7 112A1016141D username tkgadmin privilege 15 password 7 022D167B06551D60 ! bridge irb ! ! interface Dot11Radio0 no ip address no ip route-cache ! encryption vlan 201 mode ciphers aes-ccm tkip ! encryption key 1 size 128bit 7 673B0AA56FCB4E630D8E4856427E transmit-key encryption mode wep mandatory ! broadcast-key change 150 ! ! ssid ka_test ! speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 station-role root bridge-group 1 bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface Dot11Radio0.201 encapsulation dot1Q 201 no ip route-cache bridge-group 201 bridge-group 201 subscriber-loop-control bridge-group 201 block-unknown-source no bridge-group 201 source-learning no bridge-group 201 unicast-flooding bridge-group 201 spanning-disabled ! interface Dot11Radio1 no ip address no ip route-cache shutdown ! encryption key 1 size 128bit 7 B711059074E30B1E1D4E3EC038BB transmit-key encryption mode wep mandatory ! broadcast-key change 150 ! speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0 station-role root bridge-group 1 bridge-group 1 subscriber-loop-control bridge-group 1 block-unknown-source no bridge-group 1 source-learning no bridge-group 1 unicast-flooding bridge-group 1 spanning-disabled ! interface FastEthernet0 no ip address no ip route-cache duplex auto speed auto bridge-group 1 no bridge-group 1 source-learning bridge-group 1 spanning-disabled hold-queue 160 in ! interface FastEthernet0.201 encapsulation dot1Q 201 no ip route-cache bridge-group 201 no bridge-group 201 source-learning bridge-group 201 spanning-disabled ! interface BVI1 ip address 192.168.201.9 255.255.255.0 no ip route-cache ! ip http server no ip http secure-server ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag ip radius source-interface BVI1 ! radius-server local no authentication eapfast no authentication mac nas 192.168.201.9 key 7 010703174F ! radius-server attribute 32 include-in-access-req format %h radius-server host 192.168.32.71 auth-port 1645 acct-port 1646 key 7 0835495D1D radius-server host 192.168.201.9 auth-port 1812 acct-port 1813 key 7 0010161510 radius-server vsa send accounting ! control-plane ! bridge 1 route ip ! ! ! line con 0 line vty 0 4 ! end
... View more
12-15-2011
11:38 AM
Almost everything you mentioned there is on this paticular tunnel. Here is the config for that tunnel: name 175.124.120.55 ACME_01 description Cedars Sinai name 175.124.120.56 ACME_02 description Cedars Sinai name 175.124.120.57 ACME_03 description Cedars Sinai name 175.124.120.58 ACME_04 description Cedars Sinai name 175.124.120.59 ACME_05 description Cedars Sinai name 175.124.120.60 ACME_06 description Cedars Sinai object-group network ACME_GRP description ACME network-object host 175.124.120.55 network-object host 175.124.120.56 network-object host 175.124.120.57 network-object host 175.124.120.58 network-object host 175.124.120.59 network-object host 175.124.120.60 access-list private_nat0_outbound extended permit ip host 71.175.218.169 object-group ACME_GRP access-list Outside_24_cryptomap extended permit ip host 71.175.218.169 object-group ACME_GRP group-policy ACME internal group-policy ACME attributes vpn-idle-timeout none vpn-tunnel-protocol IPSec svc crypto map Outside_map 24 match address Outside_24_cryptomap crypto map Outside_map 24 set peer 192.175.86.12 crypto map Outside_map 24 set transform-set ESP-3DES-SHA crypto map Outside_map 24 set security-association lifetime seconds 86400 tunnel-group 192.175.86.12 type ipsec-l2l tunnel-group 192.175.86.12 general-attributes default-group-policy ACME tunnel-group 192.175.86.12 ipsec-attributes pre-shared-key ********* and also the the box on my local side is behind a dynamic NAT
... View more
12-15-2011
10:37 AM
Thanks for the reply, the only place I could find something like that was on the crypto map connection-type for the tunnel I have a choice of bidirectional, answer-only, and originate-only. Is that what you are talking about? because all of my site-to-site vpn's are set to bidirectional.
... View more
12-13-2011
12:01 PM
I am using a Cisco ASA 5510. Our tunnels always drop due to inactivity, which is a security issue I understand, and it only takes some "interesting traffic" to bring it back up. My problem is that it looks like the interesting traffic has to originate from my side of the tunnel, when our clients send traffic and the tunnel is down due to inactivity it does not come back up. Is there a setting that I am overlooking that will make it come back up no matter who sends traffic? Or, is there a way to make it stay up through inactivity?
... View more
Labels:
08-29-2011
06:40 AM
I knew that it was something simple, sometimes it takes someone outside to see the issue, thanks.
... View more
08-26-2011
09:01 AM
Hello All, I had a subnet that is our SAN network and it was intentionally isolated from the rest of the network when created. They now want to utilize the email feature on the SAN volume for monitoring purposes, so i needed to connect it to the network. I have done so and can see some IP addresses on the SAN subnet but not all, and not the most important one the SAN volume itself. Here is the config of the SAN switch and the switch that was existing on the network already. The SAN switch is 2 stacked 3750's and the switch that was already on the network is a 3560, I only included the ports that they are connect to each other on. The SAN switch can ping all nodes attached to it (about 24) but coming from anywhere else on the network I can only see 4 nodes. TKGDC1_SANS_SW01#sh running-config Building configuration... Current configuration : 5680 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname TKGDC1_SANS_SW01 ! enable secret 5 $1$IrDy$zN4OWOH4qibnZ/E6.l.nI0 enable password 7 143C002B0157386A ! username tkgadmin privilege 15 password 7 143C002B0157386A no aaa new-model switch 1 provision ws-c3750g-24ts-1u switch 2 provision ws-c3750g-24ts-1u ip subnet-zero ip routing ! ! ! ! no file verify auto ! spanning-tree mode rapid-pvst spanning-tree portfast default spanning-tree extend system-id ! vlan internal allocation policy ascending ! interface GigabitEthernet1/0/24 switchport trunk encapsulation dot1q switchport mode trunk ! interface Vlan1 no ip address shutdown ! interface Vlan33 ip address 192.168.33.17 255.255.255.0 ! interface Vlan100 ip address 192.168.42.10 255.255.255.0 ! ip default-gateway 192.168.61.1 ip classless ip route 0.0.0.0 0.0.0.0 192.168.61.1 ip route 10.1.1.0 255.255.255.224 192.168.33.1 ip route 10.1.1.32 255.255.255.224 192.168.33.2 ip route 10.114.248.0 255.255.255.0 192.168.33.6 ip route 172.10.10.0 255.255.255.0 192.168.32.65 ip route 172.10.11.0 255.255.255.0 192.168.32.65 ip route 172.10.12.0 255.255.255.0 192.168.32.65 ip route 172.10.13.0 255.255.255.0 192.168.32.65 ip route 172.10.14.0 255.255.255.0 192.168.32.65 ip route 192.168.32.32 255.255.255.224 192.168.33.2 ip route 192.168.32.33 255.255.255.255 192.168.33.2 ip route 192.168.32.64 255.255.255.224 192.168.33.3 ip route 192.168.38.0 255.255.255.0 192.168.33.2 ip route 192.168.61.0 255.255.255.0 192.168.33.4 ip route 192.168.71.0 255.255.255.0 192.168.33.6 ip route 192.168.200.0 255.255.255.224 192.168.33.2 ip route 192.168.201.0 255.255.255.0 192.168.33.2 ip route 192.168.202.0 255.255.255.224 192.168.33.1 ip route 192.168.202.32 255.255.255.224 192.168.33.2 ip route 192.168.202.64 255.255.255.224 192.168.33.3 ip route 192.168.203.0 255.255.255.0 192.168.33.1 ip http server ! ! control-plane ! ! line con 0 exec-timeout 0 0 login local line vty 0 4 password 7 105B29470B4540565A053E3C login line vty 5 15 password 7 105B29470B4540565A053E3C login local ! ntp clock-period 36029221 ntp server 192.168.42.120 source Vlan100 end Here is the other switch: TKGDC1-SW02#sh run Building configuration... Current configuration : 10874 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname TKGDC1-SW02 ! enable secret 5 $1$7Hfy$b3ueU8FkscD.zhRnvTP.r0 ! username tkgadmin privilege 15 secret 5 $1$8nI7$zRaQl0MpghZBQlWcK0v0A1 no aaa new-model clock timezone UTC -5 clock summer-time UTC recurring system mtu routing 1500 ip subnet-zero ip routing ! ! ! ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! interface GigabitEthernet0/36 switchport trunk encapsulation dot1q switchport mode trunk ! interface Vlan1 no ip address shutdown ! interface Vlan33 description @!$% ip address 192.168.33.4 255.255.255.0 ! interface Vlan61 description Private Production ip address 192.168.61.2 255.255.255.0 ! interface Vlan62 description ***** VLAN ip address 192.168.62.2 255.255.255.0 ! ip default-gateway 192.168.61.1 ip classless ip route 0.0.0.0 0.0.0.0 192.168.61.1 ip route 10.1.1.0 255.255.255.224 192.168.33.1 ip route 10.1.1.32 255.255.255.224 192.168.33.2 ip route 10.114.248.0 255.255.255.0 192.168.33.6 ip route 192.168.32.0 255.255.255.224 192.168.33.1 ip route 192.168.32.32 255.255.255.224 192.168.33.2 ip route 192.168.32.64 255.255.255.224 192.168.33.3 ip route 192.168.38.0 255.255.255.0 192.168.33.2 ip route 192.168.42.0 255.255.255.0 192.168.33.17 ip route 192.168.71.0 255.255.255.0 192.168.33.6 ip route 192.168.200.0 255.255.255.224 192.168.33.1 ip route 192.168.200.32 255.255.255.224 192.168.33.2 ip route 192.168.200.64 255.255.255.224 192.168.33.3 ip route 192.168.201.0 255.255.255.0 192.168.33.2 ip route 192.168.202.0 255.255.255.224 192.168.33.1 ip route 192.168.202.32 255.255.255.224 192.168.33.2 ip route 192.168.202.64 255.255.255.224 192.168.33.3 ip route 192.168.203.0 255.255.255.0 192.168.33.1 ip http server ! snmp-server community KHT RO snmp-server community TKG1 RO snmp-server community TKG2 RW snmp-server location Data Site snmp-server contact itdept@kramergroup.com ! control-plane ! ! line con 0 login local line vty 0 4 login local length 0 line vty 5 15 login ! end
... View more
Labels:
Created by
whitemike
in VPN and AnyConnect
in VPN and AnyConnect
08-17-2011
08:24 AM
08-17-2011
08:24 AM
This has been solved: The 3rd party gave a list of 4 hosts to be used on their side so we entered the 4 hosts on our side, although when they did it on their side they used a CIDR /30 and turned 2 of their hosts into network and broadcast addresses. My belief is that they would send from one of those excluded addresses and my side would reply back thinking that it was a host, but their side would drop it thinking it was broadcast traffic.
... View more
Created by
whitemike
in VPN and AnyConnect
in VPN and AnyConnect
08-05-2011
07:52 AM
08-05-2011
07:52 AM
Hello All, I have created an L2L tunnel between my self and a 3rd party. I am using a Cisco ASA 5520 and the other end is using a Cisco 3005 VPN concentrator. The tunnel will get established and pass traffic both ways for a little while, it varies, sometimes 1 hour or last time we built it it was working for 17 hours, but at some point my ASA will stop transmitting but it will still be receiving packets. These errors start to show up when I look at the traffic going through my ASA interfaces: 713042 IKE Initiator unable to find policy: Intf Outside, Src: 192.168.xx.16, Dst: 10.1.xx.30 Then when I try to ping their hosts .30 and .27 I get: 713041 Group = 68.23.xx.xx, IP = 68.23.xx.xx, IKE Initiator: New Phase 2, Intf private, IKE Peer 68.23.xx.xx local Proxy Address 192.168.xx.16, remote Proxy Address 10.1.xx.30, Crypto map (Outside_map) 713041 Group = 68.23.xx.xx, IP = 68.23.xx.xx, IKE Initiator: New Phase 2, Intf private, IKE Peer 68.23.xx.xx local Proxy Address 192.168.xx.16, remote Proxy Address 10.1.xx.27, Crypto map (Outside_map) 713050 Group = 68.23.xx.xx, IP = 68.23.xx.xx, Connection terminated for peer 68.23.xx.xx. Reason: Peer Terminate Remote Proxy 10.1.xx.27, Local Proxy 192.168.xx.16 When I first configured this tunnel it was with 3DES and SHA for phase 1 & 2, but when the tunnel would come up my phase 1 would negotiate to an MD5 hash, even though I specifically entered SHA, so me and the 3rd party decided to bring all the hashes for phase 1 & 2 down to MD5, and that was when it was up for the longest, but the problem still came back eventually. My ASA config posted below: ASA Version 8.2(3) name 192.168.xx.16 Server description Server name 10.1.xx.27 XYZ_01 name 10.1.xx.28 XYZ_02 name 10.1.xx.29 XYZ_03 name 10.1.xx.30 XYZ_04 interface Ethernet0/0 description Outside speed 100 nameif Outside security-level 0 ip address 71.4.xx.xx 255.255.255.224 interface Ethernet0/2 description private nameif private security-level 100 ip address 192.168.xx.16 255.255.255.0 object-group network XYZ_GRP network-object host 10.1.xx.27 network-object host 10.1.xx.28 network-object host 10.1.xx.29 network-object host 10.1.xx.30 access-list private_nat0_outbound extended permit ip host 192.168.xx.16 object-group XYZ_GRP access-list Outside_14_cryptomap extended permit ip host 192.168.xx.16 object-group XYZ_GRP crypto map Outside_map 14 match address Outside_14_cryptomap crypto map Outside_map 14 set peer 68.23.xx.xx crypto map Outside_map 14 set transform-set ESP-3DES-MD5 group-policy XYZ internal group-policy XYZ attributes vpn-idle-timeout none vpn-tunnel-protocol IPSec tunnel-group 68.23.xx.xx type ipsec-l2l tunnel-group 68.23.xx.xx general-attributes default-group-policy XYZ tunnel-group 68.23.xx.xx ipsec-attributes pre-shared-key *******
... View more
- Tags:
- asa_5500
- configuration
- connectivity_issues
- error_message
- find
- ike
- initiator
- l2l
- policy
- unable
- vpn_concentrator
Labels:
Created by
whitemike
in VPN and AnyConnect
in VPN and AnyConnect
06-29-2011
06:11 PM
06-29-2011
06:11 PM
KWillacey, The advice for routing traffic BACK to the vpn pool was the answer. There were routes in the switch, on the 192.168.61.0/24 subnet that was pointing the vpn subnet to an interface on the firewall that had an ACL, blocking that kind of traffic. I pointed the return traffic at the correct firewall interface and then created an ACL to allow the traffic I need on that interface and everything works now. I was totally over looking routes for the return traffic. Thank You
... View more
Created by
whitemike
in VPN and AnyConnect
in VPN and AnyConnect
06-29-2011
11:33 AM
06-29-2011
11:33 AM
I do not have access to 192.168.61.0/24 network when I vpn to the ASA. I have attached a text file with all the ACL’s, static routes and the show route output in the ASA. The 192.168.61.0/24 network has a route, is included in the ACL and shows as a connected network. I see what you are saying about the 192.168.51.0/24 subnet being in the ACL but having no route, I think that is part of an old config that didn’t get erased when they made changes a while back.
... View more
Created by
whitemike
in VPN and AnyConnect
in VPN and AnyConnect
06-29-2011
07:46 AM
06-29-2011
07:46 AM
I might be confused on what is meant by groups, but when I log in to the vpn my client has a pcf file that specifies which connection profile I use once I have successfully logged in, and that pool is assigned a range of addresses to use, mine in this case is the TKG_NetAdmin. The addresses for the profile pool is 172.10.11.0/24 and I am having trouble reaching the 192.168.61.0/24 network. Another thing that I have noticed is that the person who set this up assigned quite a few 172.10.x.x dhcp pools in this ASA, my understanding is that those are publically routable addresses, not the 172.16.0.0 - 172.31.0.0 range reserved for private networks, and I'm not sure if that is causing an issue, because when I log in and try to access anything on the 192.168.32.64/27 it works just fine. I went and took down the configs that I posted because of what you said and that is a good point, but when I looked at it again all the pre shared keys were *** characters.
... View more
Created by
whitemike
in VPN and AnyConnect
in VPN and AnyConnect
06-29-2011
05:56 AM
06-29-2011
05:56 AM
Anu' I tried adding the route but it gives an error saying "cannot add route connected route exists". I have attached a list of the static routes.
... View more
Created by
whitemike
in VPN and AnyConnect
in VPN and AnyConnect
06-28-2011
12:14 PM
06-28-2011
12:14 PM
Anu, I added the access list and retested and I still cannot reach it when I'm using the VPN. I have attached an updated config, I relocated the putty.exe and was able to copy it to a text file. It is one of the weirdest problems, the subnet is accessable from within the network but not when remote users use their vpn client from outside, but they can remote to a machine on our 192.168.32.0 subnet and then remote to the 192.168.61.0/24 subnet.
... View more
Created by
whitemike
in VPN and AnyConnect
in VPN and AnyConnect
06-28-2011
11:24 AM
06-28-2011
11:24 AM
Anu, I was going to paste the full command line config but that was way to long, so i went with the cfg file. The subnet that I cannot reach is the 192.168.61.0/24. If you cannot read the cfg file I will post the whole thing next. Thank you Mike
... View more
05-08-2012
Sorry for the late reply Steve. The link you provided was extremely
helpful here is what my config l...
05-03-2012
I have a Win2008 server set up as a radius server (192.168.32.71) and a
stand alone AP (192.168.201....
12-15-2011
Almost everything you mentioned there is on this paticular tunnel. Here
is the config for that tunne...
12-15-2011
Thanks for the reply, the only place I could find something like that
was on the crypto map connecti...
12-13-2011
I am using a Cisco ASA 5510. Our tunnels always drop due to inactivity,
which is a security issue I ...
08-29-2011
I knew that it was something simple, sometimes it takes someone outside
to see the issue, thanks.
08-26-2011
Hello All,I had a subnet that is our SAN network and it was
intentionally isolated from the rest of ...
Created by
whitemike
in VPN and AnyConnect
08-17-2011
08-17-2011
This has been solved:The 3rd party gave a list of 4 hosts to be used on
their side so we entered the...
08-05-2011
Hello All,I have created an L2L tunnel between my self and a 3rd party.
I am using a Cisco ASA 5520 ...
Created by
whitemike
in VPN and AnyConnect
06-29-2011
06-29-2011
KWillacey,The advice for routing traffic BACK to the vpn pool was the
answer. There were routes in t...
Created by
whitemike
in VPN and AnyConnect
06-29-2011
06-29-2011
I do not have access to 192.168.61.0/24 network when I vpn to the ASA. I
have attached a text file w...
Created by
whitemike
in VPN and AnyConnect
06-29-2011
06-29-2011
I might be confused on what is meant by groups, but when I log in to the
vpn my client has a pcf fil...
Created by
whitemike
in VPN and AnyConnect
06-29-2011
06-29-2011
Anu'I tried adding the route but it gives an error saying "cannot add
route connected route exists"....
Created by
whitemike
in VPN and AnyConnect
06-28-2011
06-28-2011
Anu,I added the access list and retested and I still cannot reach it
when I'm using the VPN. I have ...
Created by
whitemike
in VPN and AnyConnect
06-28-2011
06-28-2011
Anu,I was going to paste the full command line config but that was way
to long, so i went with the c...
Public Statistics
| Date Registered | 06-15-2010 11:48 AM |
| Date Last Visited | 06-26-2019 12:04 AM |
| Total Messages Posted | 19 |
