Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, I have one issue with IPSec tunnel Lan-to-Lan between ASA 5525x (v9.8) and ASA FPR 2110 (v9.16). My Tunnel is up but ping between each client was not successful. Both peer status sh cry isakmp sa in "MM_ACTIVE".I ran packet-tracer icmp between pe...
I have ASA 5506 version 9.8(2) in my office which connected to two (2) ISPs. I had implemented PBR to split our LAN subnet JTP and WIFI_JTP to respective route map. Subnet JTP which comes from wired vlan route-map to ISP 2 MYNET static ip and subnet ...
I ran dual ISP on ASA firepower 5525-x v9.8. One go to ADSL PPPOE line and second go to lease line ISP2. I need 3 vlans to be routed to the specific line accordingly such vlan wifi to pppoe line and the rest vlans Level_4 and Level_6 to ISP2 line. I ...
I have an old Cisco 5510 ASA 8.3 (1) been configured using ASDM 6.3 to linkup another office using site-to-site ipsec vpn connection especially for LAN-to-LAN implementation. That link was up, works fine and remain sustained for both of the sites. Th...
Hi there, I have 1 ASA 5510 version 8.3 with 4 interfaces. outside1, outside2, inside and DMZ. Both outside1 and outside2 interfaces connected to ISP1 and ISP2 respectively. And core switch connecting my ASA with all my internal users. My current pro...
I tried to remove route maps in fw fromroute WAN 0.0.0.0 0.0.0.0 10.152.25.33 2route LAN 172.16.4.0 255.255.255.0 172.16.100.51 1route LAN 172.17.1.0 255.255.255.0 172.16.100.51 1route LAN 172.17.2.0 255.255.255.0 172.16.100.51 1route LAN 172.17.3.0 ...
Hi, here I tested 4 trouble as per your suggestion. Trouble 5,6,7 and 9. However test 8 and 10 unable to run due to unrecognised command.Trouble 5: (PT)# show vpn-sessiondb l2lSession Type: LAN-to-LANConnection : 10.152.25.34Index : 82 IP Addr : 10.1...
Sorry for the delay due to another project go live.I,ve verify that group policy should be ok for both HQ and PTHQgroup-policy GroupPolicy_10.151.21.3 internalgroup-policy GroupPolicy_10.151.21.3 attributesvpn-tunnel-protocol ikev1tunnel-group 10.151...
HQI apply this ACL outside in interface# access-list OUTSIDE_ACCESS_IN extended permit ip object PT_SERVER object SERVER access-group OUTSIDE_ACCESS_IN in interface WANand it doesnt capture any hitcount. below is the results.access-list OUTSIDE_ACCES...
Hi MHM,based on your suggestion I have put "sysopt connection permit-vpn" on both fw. But nothing change, result still the same, unable to ping. I tried to search the command "sysopt connection permit-vpn" on both fw setup but unfortunately there was...
