About Nelson Rodrigues

Nelson Rodrigues · 09-13-2010

Introduction Introduction The document briefly describes in an FAQ format the Failover requirements for the ASA 55xx VPN/Firewall appliance in handling digital certificates . Q. What are the general Failover capabilities and requirements of the A...

Nelson Rodrigues · 02-01-2010

The attached document .pdf describes the configuration details for deploying Clientless SSL VPN ACLs via Dynamic Access Policies (DAPs). Multiple ACLs will be aggregated for VPN policy enforment. The same concept can be applied for Network (Layer 3) ...

Nelson Rodrigues · 12-16-2009

IntroductionConfigurationRelated InformationNOTE: Check outHow to Format Your Document from a Templatefor the HTML CODE to copy Introduction This simple example shows how to enforce process checks via Dynamic Access Policy (DAP) that specifi...

Nelson Rodrigues · 12-16-2009

Nelson Rodrigues · 12-02-2009

IntroductionConfiguration CLIConfiguration via ASDMSupported ModesSyslogsAnyConnect and Clientless WebVPN user behavior when using Certificates for AuthenticationCertificate Authentication for ASDM administrative sessionsCisco Secure Desktop (CSD)Sce...

Nelson Rodrigues · 01-18-2014

Are you attempting to do both ANyConnect SSL and IPsec IKev1 simultaneously on fro mhte same endpointPC? You cannot do that. The ASA, however, can terminate all tunnels types (EZ VPN legacy IKEv1, AnyConnect SSL|DTLS,L2TP/IPSec fro mdiffernt endpoi...

Nelson Rodrigues · 06-30-2011

Charles, thi sneeds to be debugged further to diagnose the problem.Looking At AnyConnect (AC) 2.5.x and even 3.x Release Notes, there are some bug fixes for certifcates in there.http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnec...

Nelson Rodrigues · 06-29-2011

Charles,Assuming the certs are still valid, what changed in your environment ? Did the ASA version change from the time it was working and now? BTW, what version of ASA are you using on the ASA 5520?Do a "show version " on CLI or check the ASDM Ho...

Nelson Rodrigues · 06-29-2011

HI Charles, a coupl of questions to understand your environement.What versions of ASA and AnyConnect client is this occurring on?What OS plaforms do you see the problem with?Did cert-authentication ever work, or is this a random problem?Thx,Nelson

Nelson Rodrigues · 06-28-2011

Yes , you can do this. Thesame-security-traffic command permits traffic to enter and exit the same interface when used with the intra-interfacekeyword, which enables spoke-to-spoke VPN support.Here are some examples @ http://www.cisco.com/en/US/pro...

Member Since	‎01-31-2002 08:52 PM
Date Last Visited	‎12-06-2020 08:22 AM
Posts	89
Total Helpful Votes Received	113

User Statistics

User Activity

ASA Active/Standby Failover handling of Digital Certificates

Dynamic Access Policy (DAP) ACL Aggregation Use Case for SSL VPN

ASA: DAP enforcement of SSL VPN CSD Vault operation via process checks

DAP_ Enforcing CSD vault op..pdf

ASA: SSL VPN Certificate Authentication per Tunnel Group

Re: AnyConnect VPN Client FAQ

Re: Cisco AnyConnect issue

Re: Cisco AnyConnect issue

Cisco AnyConnect issue

Remote VPN to site-to-site vpn on ASA ?