Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello. I'm running a IPSec VPN between a 5520 ASA and a 2811 router. The ASA has a static IP and the router has a DHCP interface.The VPN seems to work fine once I get done clearing old SAs, but each new IPSEC SA creates a new ISAKMP SA on the router?...
Hello. Been chasing this WAE log error for a long time. It's a password user unknown error. Is there an easy way to determine where the unknown user is sourcing from? I'm assuming this is a SNMP query or something? Hoping the 899999 code means someth...
Started with a single CE datacenter router that is BGP peering with a single PE router for connection to our ISP MPLS network. There are other locations as well, and all of our routers use the same BGP AS. The ISP has their own AS, so we are using eB...
Hello. Our ACS 5.2 is authenticating ASA VPN users with Radius. I would like to use the ACS to authenticate ASA administrator logins with Tacacs. When I modify the ASA Network Device by checking the Tacacs box in addition to the Radius box, ASA VPN a...
To get IP SLA on the 1921 or any ISR-G2 router you need to purchase the Data or UC (voice) license from Cisco. I would think it's possible to write a TCL or EEM script to create and monitor a ping result. Don't think IP-SLA will reload a router or sh...
I've seen this intermittently with Cisco 2851 routers. Was told it was a known issue on some S/N range and a fix was available, but I never followed up. If you have Cisco support I'd open a ticket.Also, when I saw this issue and connected via console...
Hi Rod. I have a similar challenge using ACS 5.2 ? Haven't tried yet, but my plan is for the ACS (using RADIUS) to verify the device is a member of the domain, in my case I want to control IP/subnet pool depending on domain membership. Hope someone...
Thanks for the example and explanation. I had to let it soak in for a couple days. After re-reading your comments I understand. Thank you again.Sent from Cisco Technical Support iPad App
