Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello, This is a "what am I doing wrong?" question. Any hint would be appreciated ;)) The code works fine as long as I set GUA IPv6 addresses, but when I try to set a link-local IPv6 address with the code below, I get the following error :$ python3 ....
Hello,I am migration an IPsec site to site VPN config to a new ASR1001 router «facing» a Linux box (ipsec-tools + racoon).As the Debian Linux does not offer VTI, I am using a crypto map.The working config is given below with the corresponding logs on...
Hello,While reading the page linked below, I was surprised to see an ACL is created and never referenced in the class-map that comes afterward.http://www.cisco.com/en/US/docs/ios-xml/ios/sec_data_zbf/configuration/xe-3s/fw-stateful-icmp.htmlIs the AC...
Hello,This is my first post so please forgive my poor english ...We have a ISR 2851 + NME-16ES-1G with per-vlan subinterfaces defined at the router level.The Gigabit internal link is used as a trunk between these subinterfaces and the network module ...
Hello,If you can read french or read through automated translation (which can be quite funny), I started a documentation at the following page : http://www.inetdoc.net/articles/site2site-ipsecvpn/Here is a sample racoon.conf :#
# Please read racoon.c...
Hello,That's it ! A big thank you for your time Following your advice, I set up a new ESP only transform set and both IKE phases worked perfectly.It seems the issue you mentionned is independant of any hash or encryption algorithm and ASR1k IOS ...
Hello,Here are the requested informations.As a proof of interesting trafic, I can only show the access list matches~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~asr1001-gw#sh ip access-lists 120Extended IP access list 120 10 permit ip host 130.120.124.8 host 19...
Hello Rick,Thanks for your answer. The encapsulation problem is related to arp requests as we have incomplete entries in arp table.I tested the 'native' keyword after the encapsulation instruction.The problem is still there and:. the 'native' keyword...
