Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a site to site VPN using IKEv2 between an ASA 5506 (running 9.12.4) and an ASA 5516 (running 9.14.5). Authentication through PSK. (Same key for local/remote and static crypto map entry).Every 10 minutes or so the VPN goes down, I get some auth...
Hello
I have a Cisco ASA5508 and have set up for AnyConnect.
I have installed a GlobalSign certificate properly:
GOTFW001(config)# show sslAccept connections using SSLv3 or greater and negotiate to TLSv1.2 or greaterStart connections using TLSv1.2 a...
Hello, I have problems getting to the webinterface for configuring the ASA5506W wifi.According to the documentation, the access point should get the IP-address 192.168.10.2.I can't reach that IP from a computer on the "inside"-interface of the ASA. P...
No there are another VPN from that ASA as well, which is much more stable. (Endpoint on the other side of that is a Fortigate though, it does not use IKEv2 since it seems not quite compatible.)I have no other indication on any disturbances on the int...
Even if I do thecrypto map outside_map 1 set pfs group14command, it still only shows the same as before. In the GUI it has always shown group14. Perhaps it is the default value? Anyway, changing that did not do any difference. (And I suppose it would...
It helped somewhat setting identity to auto. It did change peer from FQDN to IP-address, and I did not receive any pre-shared key authentication failures anymore. The tunnel still goes down every 10-15 minutes, however, the down-time is much shorter ...
Yes you were rightcrypto isakmp identity hostnamewas set, I changed it as you said. Awaiting if this will change the behaviour.Btw, you know if this is possible to set in ASDM anywhere? I don't ever remeber changing this before.
