Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Dear all,i’ve just hit an odd problem with an ASA | PKI | VPN Tunnel setup.I tried to connect a remote ASA to a central pki server using SCEP.The setup looks like this:ASA-Remote <===L2L-VPN===> ASA-Central --- PKI ServerThe ASA remote has a trustp...
Dear CSC,I just stumbled upon a strange ASA / SSH problem.First of all some specs:ASA 5520 - Active /Standby Multi Context mode running 8.4.3I’ve configured SSH login with local authentication and it works fine if I permit access from anywhere.I want...
Dear all,I had a view minutes today playing with IKEv2 on a Cisco Router running 15.2.2T . Since I’m running on IPSEC + HSRP + SSO in our live environment I tried to recreate the setup wit ikev2 but failed in every aspect. So my question does a HA s...
Hi all, We’ve a large problem with our new setup ACS. We have set it up to use windows active directory as external user database. The authentication works fine and most within expected times. Our major problem is if we want to change something withi...
Hey Jouni,first of all thanks for your response and yes you've tracked my problem correctI thought about your solution, but I'm not sure that it works because (as far as i remember) for logging and snmp to work you have to configure, that the (remote...
Hey VarounJust checked it again –that was my first thought but well as mentioned ASA is using 10.0.0.1 (2)/28 and the client was using 10.0.0.4/28 in fact I could see the following log entry:302013 - Build inbound TCP connection 564479 for MGMT:10.0....
Hey Pedro, thanks for the link, tried to find something specific about HA but (maybe i was to blind) didn't find anything specific. What i wanted to accomplish was that my VPN sessions are transfered to router 2 when router 1 fails.Cheers Michael
Hi, both solutions would not cause problemsif i'll
choose failover pair then i'll have a problem with dynamic routing. If you're going Active / Passive you can have dynamic Routing - if you go Active / Active you can´t have VPN anyway so this is no ...
