Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello, I have configured remote access vpn on asa with ldap authentication. But I can't limit vpn access with specific ldap group.Here is my config: ldap attribute-map VPN_GP_MAPmap-name memberOf Group-Policymap-value memberOf "CN=Alternate VPN HR Us...
I am working on SNMP monitoring using OIDs for disk/flash usage and haven't found the OIDs that I need. Has anyone else found out how to monitor ASA disk usage using OIDs?
Hey Fellow Cisco Professionals,
I am working on enabling FIPS mode on my ASAs(5516x and 5512x) but my site to site and remote access VPNs break after enabling FIPS. I'm having trouble finding good documentation for any prerequisites or caveats for...
I have a stack of 2960x switches are I am monitoring them using OID values. However, I am having trouble finding the OIDs for the individual switches in the stack. For example, when I use the OID 1.3.6.1.4.1.9.9.109.1.1.1.1.5 (object pmCPUTotal5min) ...
kind of a 2 parter but might be resolved with the same config.
I am trying to configure the IT VPN to be able to ssh into the inside interface of ASA1(site1) and then the second part would be to all this same IT VPN through ASA1 to the 2 site-to-s...
You are absolutely right it was inheriting the 0 logins from the default policy. Can't believe I was missing that, but I'm glad it's now working Thank you, sir
Thanks Balaji for responding.
I've come across that link before, but it doesn't have disk usage. Does that mean the ASA 5500 series doesn't support SNMP disk usage monitoring?
Thanks for your response, Marce1000.
I have 6 2960x in a stack and when I run snmpwalk with the OID in that link (.1.3.6.1.4.1.9.9.109.1.1.1.1.5) it only shows one CPU instead of the 6 I would expect.
snmpwalk -v2c -c public 10.X.X.X .1.3.6.1.4...
Excellent response. I wasn't thinking about this because I was already able to ssh the inside interface of the ASA from the internal network.
I am now able to ssh into ASA1 inside interface from the ITVPN subnet.
Thank you for your response.
Yes, IT VPN meaning a specific pool of addresses that IT users get assigned when connecting to the VPN. I have allowed this subnet ssh access from the outside and inside interfacessh (ITVPN-subnet) 255.255.255.0 INSIDEs...
