About Jeffrey Warn

Jeffrey Warn · 01-10-2012

We use the RSA server to backend our user authentication for our Anyconnect home VPN users. There have been requests to have some of our home users have static IP addresses while on the Anyconnect. I have not been able to find a working example on ho...

Jeffrey Warn · 11-29-2011

I can't seem to find any documentation to how to get this working. I'm trying to make it so that only users of a certain AD group are authenticated for my Anyconnect VPN on my ASA 8.2.2I've found the documentation on how to prevent logins using the ...

Jeffrey Warn · 11-07-2011

I've seen a few discussions about this, but I've not been able to find an answer as to why this keeps failing. I have a Centos 5.5 server that I use for configuration file management and I have been unable to get my 6509E to send the configuration us...

Jeffrey Warn · 08-23-2011

I would like to know if it is possible to setup my ASA running 8.2 to log events from when my users log on and off the anyconnect client. There was a security issue with one of our remote systems and it has been impossible to try and determine who ha...

Jeffrey Warn · 07-21-2011

Consistently I see similar errors like this in my logs. The src address is actually my SCCM server (policy server) and the dst address is a remote VPN user who connects with the AnyConnect client.%ASA-4-419002: Duplicate TCP SYN from inside:10.2.152....

Jeffrey Warn · 11-30-2011

Thanks, DAP does seem to be the way to go with this. I found a similar article to what you posted last night which confirmed the same type of screenshots. I will just have to set time aside to update my policies on my ASA to take advantage of this. I...

Jeffrey Warn · 08-25-2011

Just a follow up. While the correct eventID does work, one issue that i've found is that when a user resumes a connection, they tend to get a new IP address from the pool and this is not logged. The actual log line looks something like this:%ASA-6-72...

Jeffrey Warn · 08-24-2011

Thanks. The 722# ones apply to the SVC stuff as well. Unfortunately, it's still limited in it's usefulness. While it does show the userID connected, it shows the external IP address associated with it. I still can't seem to find a way to correlate th...

Jeffrey Warn · 12-01-2010

I've been running this on some client 1811 routers with success. Here is a basic config that should work:!! I use a delay on the up/down to prevent some flapping issues that could arise.track 11 ip sla 11 reachability default-state up delay down 90 u...

Jeffrey Warn · 09-16-2010

Thanks for the response. I originally thought about doing that but the issue there is, that IP address will pretty much always be up. The next hop is an ISP ethernet handoff, so connectivity to that IP address will be up 99% of the time (unless that...

Member Since	‎05-11-2010 08:12 AM
Date Last Visited	‎11-15-2019 12:03 AM
Posts	15

User Statistics

User Activity

Anyconnect static IP address with SDI authentication

Locking down Anyconnect authentication to AD Group

WS-C6509-E unable to use CISCO-CONFIG-COPY-MIB SNMP MIB

[Question] How to log anyconnect sessions in syslog?

Anyconnect VPN user generating ASA-4-419002 errors in log

Locking down Anyconnect authentication to AD Group

Re: [Question] How to log anyconnect sessions in syslog?

Re: [Question] How to log anyconnect sessions in syslog?

Re: IP SLA / Tracking issue on 1811 router for VPN access

Re: IP SLA / Tracking issue on 1811 router for VPN access