About matthewceroni

matthewceroni · 10-24-2014

Hi:I am attempting to follow the Cisco TrustSec Deployment guide (http://www.cisco.com/c/dam/en/us/td/docs/solutions/Enterprise/Security/TrustSec_2-0/trustsec_2-0_dig.pdf).So far things have been going well. I am at the point of adding in my Seed dev...

matthewceroni · 06-18-2014

I am attempting to configure eigrp between a Cisco 5510 and a Cisco 3560. Here is the relevant configuration: ASA: interface Ethernet0/1 nameif Inside security-level 100 ip address 172.17.254.1 255.255.255.0 router eigrp 2 network 172.17.254...

matthewceroni · 01-21-2014

Hi:I have a Cisco 2960 running 12.2(50) SE5 LAN base image. When trying to configure 802.1x in multi-auth host mode I am unable to get my clients to successfully connect.Under a normal circumstance (ie: no multi-auth host mode enable) 802.1x clients ...

matthewceroni · 10-28-2013

Last Thursday we started to experience some odd behaviour with a L2L IPSEC tunnel we have with one of our customers. This tunnel was created a few months back and had been working without issue up until the end of last week. I manage our side of the ...

matthewceroni · 08-14-2013

We have a few remote access VPN portals setup on Cisco ASA 5510. Every now and then we get reports from users saying that it will not accept their credentials. After some time if they try again it will work. I have been trying to track down the issue...

matthewceroni · 07-11-2013

Well upon further research it looks like the exclude option for split-tunnel-policy is only applicable to the VPN client. Doesn't work with AnyConnect.Is there a way to get the same sort of functionality when using AnyConnect?

matthewceroni · 05-27-2013

Hmm. Interesting, I was looking through the configuration and as you stated I didn't see anywhere where the remote and local networks were set.However I have a tunnel that is setup, and if I look at the connection profile, the remote and local addres...

matthewceroni · 05-27-2013

Follow-up on this, just trying to expand my knowledge when it comes to IPSec tunnels.I have seen a few tunnels where the remote and local address specifications match exactly what is in the crypto maps (if you edit the remote and local address for th...

matthewceroni · 05-24-2013

As for your question of just creating an object-group network with all hosts under it. That is what we do. I mis-spoke previously. It just gets unweidly having all those network-object hosts.Thanks

matthewceroni · 05-24-2013

Would need more information / configuration details. It could be ACLs, NAT rules, many many things. My guess would be a NAT identity / exempt rule. Since VPN clients connect from the outside, to get to site B they have to hairpin (so ensure that is e...

Member Since	‎03-16-2013 11:11 PM
Date Last Visited	‎08-18-2017 04:03 AM
Posts	37

User Statistics

User Activity

Cisco TrustSec Catalyst 3650

Configuring eigrp between a Cisco ASA 5510 and Cisco 3560

Cisco 2960 802.1x multi-auth with dynamic VLAN assignment

ASA to ASA IPSEC tunnel : intermittent connectivity

AnyConnect intermittent connection issues

Remote Access VPN - split tunnel configuration

IPSEC tunnel - remote and local network specifications

IPSEC tunnel - remote and local network specifications

IPSEC tunnel - remote and local network specifications

Site to site VPN issues