Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hoping to get some help or guidance on next step. I have a C1111-4p configured as a spoke that is on a LAN (i.e. NAT). The router is configured with a static IP on it's "outside" interface. Beyond this I have no control or insight. What I do know is ...
I know a couple years back, and couple OS revisions back, there was a significant change to how one could access via SNMP the ASA's inside interface through a L2L tunnel. I have encountered now 2x FPR1010 (ASAs) with v9.18(2) that through the VPN I c...
A few days back I had asked a question here regarding use of Windows L2TP client and ASA. Someone kindly responded pointing me to using Powershell to change the encryption Windows would use (as 3DES is depreciated on v9.18). I created a test VPN conn...
Brand new ASA, I had connected via ASDM. No updates to the ASA, though not aware of anything on the client side changing either. ASA is v9.18(2) with ASDM v7.18(1)152. On one desktop I had tried various versions of Java from 1.8 202 to now 1.8 411 an...
For a long while we have been reliant on using ASA's L2TP remote access VPN for users to connect to remote sites to access devices that did not have gateway's configured. For this we used the Windows built-in L2TP client, however as Cisco has depreci...
Real IPs (public WAN) are obfuscated, internal/LAN I just changed subnet.I think in this case the problem may be this. The path from remote side is through X (doing traceroute) but the IKE is failing when I see it is coming from path Y. The customer ...
On the hub we have configured crypto isakmp key <***KEY***> address 0.0.0.0 And the spokes are defined statics (shown above).This one customer site always comes in at 207.xx.xx.xx but fails connecting to our R1 hub. I did not catch this earlier, but ...
One thing I forgot to add. We have actually 2x Cisco C1111-4Ps as spokes, the problem one we can call W2, whereas W1 is in another location. BOTH routers connect on internal fiber LAN to central location where both go out to the internet. One huge di...
I was using the change to SNMP as an example of changes the ASAs have made. My real problem is I need to access the inside interface of the ASA to send a config to the tftp server, or to access it from the server to make a necessary change. The old s...
