Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have an ISR 4331 and I would like to configure a voice and data VLAN on it's layer 3 interface that connects to a layer 2 switch. Which option is correct? Option 1:vlan 100name Data!vlan 111name Voice!interface GigabitEthernet0/0/1description Insid...
I created an IPSec site-to-site VPN tunnel between two locations on two Cisco 2911 routers. Site A is IP network 192.168.1.1/24 and site B is 192.168.2.0/24. Users at site B access a server 192.168.1.100 port 9000 and 9005, which exists in site A. E...
I created an IPSec site-to-site VPN tunnel between two locations on two Cisco 2911 routers. Site A is IP network 192.168.1.1/24 and site B is 192.168.2.0/24. Users at site B access a server 192.168.1.100 port 9000 and 9005, which exists in site A. Ev...
I have a Cisco 2911 VPN head-end device that is configured for IPSec, pre-shared keys, group authentication with a secret key. Is it possible to use the Cisco AnyConnect client on a Chomebook without L2TP to connect to the head-end VPN device? I don'...
We recently had an issue with our ASA 5555 device supporting Cisco AnyConnect VPN client access. Our ASA is configured to use a primary and secondary DCHP server. They are also configured to use local pools as a third alternative in the event of DCHP...
Agree. I will have to run debug and find out if it's using Main mode or Aggressive mode again without the "crypto isakmp aggressive-mode disable" command.
Thank you for your help
GW
I can force the site-to-site to use Main mode by issuing the "crypto isakmp aggressive-mode disable" command and it works great! Unfortunately, the VPN clients can't connect because they want to use Aggressive mode. Is there a way to use the "crypto ...
I can force the site-to-site to use Main mode by issuing the "crypto isakmp aggressive-mode disable" command and it works great! Unfortunately, the VPN clients can't connect because they want to use Aggressive mode. Is there a way to use the "crypto ...
Is there an easy way to determine with a CLI command if the site-to-site is using main mode or aggressive mode? I am running c2900-universalk9-mz.SPA.151-4.M1.bin
dcrouter#show crypto isakmp saIPv4 Crypto ISAKMP SAdst src state conn-id statusx.x.x....
