Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Long story short, I'm trying to setup a VPN Management Tunnel for our AnyConnect clients. Part of the process involves setting up an SCEP connection, which fails miserably. My ASA doesn't like the response from NDES, and I'm stuck on why it's happeni...
Hi, I'm trying to figure out a way to allow VPN access via. AnyConnect for staff with a mobile phone so that they can use an app while in the field, but I'm stuck on the certificate process in DAP.I would like to use DAP to validate that the phone (i...
Hi all,
I have an ASA 5510 that sits between our DMZ and our internal network. I've tried replacing it with a 5515 with disastrous results.
I'm working on replacing our organization's older ASAs with 5515s. I've replaced six 5510s and 5512s by savi...
Good afternoon,
***Edit: I've decided to just RMA it back to my reseller. I'm still interested to hear from anyone who might know what's going on.
I just opened up a new 5515-X and the ASA is generating the following error on startup:
The PCI devi...
I have an ASA 5510 running 9.1(6) that changed its behaviour unexpectedly, and I'm trying to understand what's happened. This firewall sits between our DMZ (security level 50) and the internet/outside (security level 0).
A few days ago, I enabled ICM...
Hi Philip,
No, I've been running 9.1(3) since March 2014. A line by line comparison of the current running configuration (after this behavior started) to one from early January (before this behaviour) showed they were identical.
Thanks for your sug...
I was able to solve my own issue by rerunning the commands. For some reason they weren't taking. Here's a sample of the commands for SiteA:nat (inside,outside) source static SiteA_Traffic SiteA_Traffic destination static SiteC_Traffic SiteC_Traffic n...
I tried adjusting the above configuration for an ASA running 9.1 and I couldn't get it working either.Could someone be kind enough to post what the above config would look like under > 8.3 and the new NAT syntax?ThanksGreg
Hi Delmiro,I have this same issue, and as far as I know there's no way around this behaviour.Here's the workaround I use: I tell VPN users who need to access resources on the other domain to use the FQDN - this way when the request hits the DNS serve...
Thanks for the feedback, Frederic & Marvin. I'd forgotten the route statement to force VPN traffic out the other interface. Adding it fixed my issue.Thanks!Greg
