The problem is some subnet from our backend is able to connect to a public NTP server (actually to multiple public networks) through our Cisco ASA - which is strange, because there's no ACL or NAT that will allow it to pass. Trying to get detailed info...
Here is the output. Hope it can be helpful
ASA-1# show run crypto
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA es...
No luck with anything you advised. There's no cryptomap acl that matches these particular source/dest ip. I even analyzed the hitcounts from the packet-tracer output with hitcounts from all acl lines - they don't match. hits=4303490516 - is the hitcou...