About Fabian L

Fabian L · 07-17-2014

Recently we've changed from LOCAL to LDAP authentication and added additional group-policies for different users to increase security.To prevent users from selecting an incorrect group-policy, the LDAP server provides a IETF-Radius-Class value which ...

Fabian L · 05-18-2013

I'm having issues with an exotic NAT/VPN configuration which results in "Asymmetric NAT rules matched for forward and reverse flows" on outgoing traffic.Subnets: outside: 127.16.0.2/30 Inside1: 192.168.1.1/24 Inside2: 192.168.2.1/24 VPN branch office...

Fabian L · 07-17-2014

Thanks for the suggestion, but just like enabling tunnel-group-list group-url provides a 'variable' to a user which allows the user to change the tunnel-group. I'm aware it's possible to deny certain users to certain tunnel-groups but providing the ...

Fabian L · 07-17-2014

This discussion is still the first hit when searching on this issue. I ran into the same issue with ASA version 9.1(5) and Annyconnect client 3.1.05160.bug CSCtb74535 still shows 'Known Fixed Releases: (0)'If you don't want to tunnel IPv6 traffic but...

Fabian L · 05-31-2013

Apologies for reopening this answered thread, but it seems the right place because it contains very useful information.SITE A:access-list vpn_acl_x_x_x_x extended permit tcp host 10.20.0.1 host 10.10.0.1 eq 22access-list vpn_acl_x_x_x_x extended perm...

Member Since	‎05-18-2013 10:10 AM
Date Last Visited	‎06-21-2019 08:10 AM
Posts	5
Total Helpful Votes Received	25

User Statistics

User Activity

Anyconnect tunnel-group and group-policy from LDAP

Double NAT needed. Asymmetric NAT rules matched

Thanks for the suggestion,

This discussion is still the

ASA 8.4(1) L2L vpn-filter obscurity when specifying protocol and