Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,I have set up cisco vpn client access and it works everywere exept at a wireless (firstspot.org) network that is used in meeting locals that are shared with the other companies in our building.Is there any possibillity that i need to allow NAT-T f...
Today i've moved to a Cisco ASA 5510 and I'm having problems when accessing webservers from the inside. When I try to access the webserver (helpdesk, webmail, etc) from computers outside my network, everything works just fine. When I try and access t...
Hi,Im setting up a site to site VPN between an ASA 5510 and a fortigate firewall. i have set everything upp and i cant see anything wrong with the setup, however now traffic is flowing. I did a packet trace and it gets droped by an acl in the tunnel ...
hi,I have just started to use an ASA 5510 for my network. I use the DHCP server on it and after i made the change over to ASA hosts started loosing their IP address.This was not a problem before on my old firewall that aso had the roll of DHCP.Is it ...
Hi,I have the following NAT rule: object network HTTP_Test_80nat (TestEnvironment,WAN1) static 88.130.50.22 service tcp www wwwThis allows http traffic to a testserver from the outside. An ACL is also in place and i can get to ...
Though i have not solved the issue i have set up AnyConnect ssl vpn clients and that works with out a hitch. I think i will be using that solution since the licensing is not that expencive if one accepts that there is no clientless ssl.Thanks for yo...
I still get the missmatch. When i try from home i have no problem connecting and still the missmatch is shown in the logs. when trying from the shared meeting local in the building i get the missmatch, duplicate and cannot connect.It looks like the ...
I have tried to set up three test tunnels one with DH1 one with DH2 and one with DH5. The result is always the same.these lines always come in the log, even if it works to connect. im assuming it first tests DH2 it doesnt work then it tests DH5 and ...
Hi again,Output fromdebug crypto isakmp 5The last line gives a litle bit more information, however i do not know if it is relevant.Apr 15 15:53:53 [IKEv1 DEBUG]IP = 197.195.111.153, IKE Peer included IKE fragmentation capability flags: Main Mode: ...
Hi,Hope this gives you guys some more info.Here is an output from debug crypto isakmp 7Apr 15 15:09:22 [IKEv1]IP = 197.195.111.153, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDOR (13) + VEND...
