Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I currently have a need to set just one tunnel on a two tunnel router based vpn setup to be responder-only. I see where that command must be made to a profile, but I'm struggling on how to convert my older map based two tunnel setup to a profile base...
I'm having difficulty with NAT inbound for a remote VPN site-to-site network from site, "WIDGET," noted below. I have a site-to-site VPN with the following requirements that I need to ensure works with current NAT design and configuration. This isn't...
Hello, I have a somewhat complicated setup in order to allow one particular VIP to answer for the same serverfarm on two different ports (this was a previous question here.) Here is the scrubbed config below. The setup works, but the issue is that th...
Hi! I have the following question based on a new site requirement. The following sites use the same back end servers. Names changed to protect the innocent and my finger fumbling with pretty names for my actual config.I have two real servers being lo...
Hi,I have a problem getting correct chain verification I think while using a Thawte SSL123 certificate on an ASA 5520 running AnyConnect SSL VPN. I noticed when both using the client as well as when using AnyConnect mobile that a security error resul...
This helps a bit but I am not sure if I understand how to implement it. The remote side of these tunnels is across a vendor exchange, we're using NAT on these tunnels as well since the remote vendor we connect to requires no RFC 1918 addressing. Note...
Well that makes perfect sense. I'm still stuck in looking at everything pre 8.3 NAT view, so I can see why that did not dawn on me as part of the config. I'll take a look and change, then reattempt. Thanks for the very quick reply, Jouni!
Output from that class from the show service-policy command. And no, it doesn't appear to be pingable from the ACE. class: VIP-EQUIPPROD nat: nat dynamic 13 vlan 1000 curr conns : 361 , hit count : 116690 ...
Kanwal,Sorry for the late reply, I had to wait until our cutover window to try to apply this. For the most part, your configuration worked. In my rush to get things configured, I missed that you specified the port within the serverfarm definition. Wi...
I think I hosed up my description a bit. My apologies, Kanwal. Those two servers are a load balanced pair. They answer for both URL's, but the destination port differs based on the URL. And anything for the Site B url on the wrong port :80, should ge...
