Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am trying to collect Netflow statistics on a C3560G running IOS IP Services 15.0(2)SE. From the documentation it seems I should use Flexible Netflow and these commands are supported. However, no entries appear in the flow caches. All interfaces are...
I have successfully established an IPSEC VPN between an ASA and a customers Draytek - the Draytek is using its Public IP for both the VPN Endpoint and for Nat'ing internal traffic over the VPN. If I apply a vpn-filter statement to the ASA configurat...
This can be done in a different way - hopefully achieving what you want.Basically you define tunnel-groups for each of your different VPN Client groups. So lets assume you have 3 client groups and each group has access to different internal resource...
Before you had split-tunneling working, your VPN clients would have had a default-route pointing all traffic down the vpn-tunnel. Now that you have split-tunneling working only the networks listed in your split-tunnel ACL are passed to the VPN clien...
Without seeing your configuration it is difficult to work out the issue - if you use NAT/PAT on your B and C firewalls - then you may need to update nat-exemption policies for the relevant networks. If you still need further help - can you cut and p...
You need to configure *intercept-dhcp enable* under your group-policy:group-policy DefaultRAGroup attributes group-policy DefaultRAGroup attributes dns-server value 192.168.10.4 vpn-tunnel-protocol l2tp-ipsec split-tunnel-policy tunnelspecified spli...
You need to configure the following command.same-security-traffic permit intra-interfaceThis will allow communications between your VPNs - however you will need to ammend any VPN ACLs (used in crypto map) to permit traffic between the respective peer...
