Introduction The document briefly describes, in an FAQ format, the Failover requirements for the ASA 55xx VPN/Firewall appliance in handling digital certificates. Q. What are the general Failover capabilities and requirements of the A...
The attached .pdf document describes the configuration details for deploying Clientless SSL VPN ACLs via Dynamic Access Policies (DAPs). Multiple ACLs will be aggregated for VPN policy enforcement. The same concept can be applied for Network (Layer 3) ...
Introduction; Configuration; Related Information. NOTE: Check out How to Format Your Document from a Template for the HTML CODE to copy. Introduction This simple example shows how to enforce process checks via Dynamic Access Policy (DAP) that specifi...
Introduction; Configuration CLI; Configuration via ASDM; Supported Modes; Syslogs; AnyConnect and Clientless WebVPN user behavior when using Certificates for Authentication; Certificate Authentication for ASDM administrative sessions; Cisco Secure Desktop (CSD); Sce...
Are you attempting to do both AnyConnect SSL and IPsec IKEv1 simultaneously from the same endpoint PC? You cannot do that. The ASA, however, can terminate all tunnel types (EZ VPN legacy IKEv1, AnyConnect SSL|DTLS, L2TP/IPSec from different endpoi...
Charles, this needs to be debugged further to diagnose the problem. Looking at AnyConnect (AC) 2.5.x and even 3.x Release Notes, there are some bug fixes for certificates in there. http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnec...
Charles, assuming the certs are still valid, what changed in your environment? Did the ASA version change from the time it was working and now? BTW, what version of ASA are you using on the ASA 5520? Do a "show version" on CLI or check the ASDM Ho...
Hi Charles, a couple of questions to understand your environment. What versions of ASA and AnyConnect client is this occurring on? What OS platforms do you see the problem with? Did cert-authentication ever work, or is this a random problem? Thx, Nelson
Yes, you can do this. The same-security-traffic command permits traffic to enter and exit the same interface when used with the intra-interface keyword, which enables spoke-to-spoke VPN support. Here are some examples @ http://www.cisco.com/en/US/pro...