Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,I have been tasked with upgrading an SSL VPN solution to add a VPN profile that utilizes certificate authentication (the other profiles currently use AAA).Before I make a start on the live systems I want to get it working in a lab environment, ...
Hello, I am attempting to import a root CA certificate into my ASA 5585X from our internal PKI.The CA Cert uses the following:Signature algorithm - ECDSASignature hash algorithm - sha256Public key - ECC (384 Bits) I get the following error when attem...
Hi All,ASA version 9 now includes the next generation (suite B) for encryption.I have found the following Q&A:Q. Is next generation encryption available on all ASA platforms?A. No. Next Generation Encryption is fully supported on the ASA 5585-X, 5500...
Hi, Could you please confirm what additional configuration was required?I can see from the config output on your 08-28-18 post that pim sparse-dense was added to interface Service-Engine0/1/0 and interface Service-Engine0/4/0, but the final post sugg...
This is excellent,However the stronger of your two policies does not work (ikev2 policy 10)The Azure basic SKU supplies the following proposals:Proposal 1: AES-CBC-256 SHA1 SHA96 DH_GROUP_1024_MODP/Group 2Proposal 2: AES-CBC-256 SHA256 SHA256 DH_GR...
Hi,Sounds like your PC is not getting DNS from the environment. You can push DNS server details to VPN clients when you configure the remote access VPN profile.Once you have DNS setup you should be able to resolve the URLs.
Hello,Sorry for the late reply.The certificate was resigned using RSASSA algorithm in PKCS#1 v1.5 rather than PKCS#1 v2.1This was a registry fix on the Windows machine issuing the certificates. Also, if you are using key lengths 4096 and 2048 you are...
