Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
The organization I work for took over management of a network with ASA's which I have almost no experience with unfortunately. What's also unfortunate is this host isn't covered by a SMARTnet contract (yet). I'll boil the topology down to the two h...
Thank you for responding Christian. Attached should be the config file. I'm trying to accomplish two things: Source icmp-echo from 63.236.240.138 to 192.168.23.254.Source ssh from 63.236.240.138 to 192.168.23.254.I'm hoping accomplishing step 2 wil...
I removed that ACE and re-tested and I verified phase 2 did complete without it. I don't know what I did last time but you're right, it isn't needed so I'm leaving it out. I'm testing by generating icmp-echo's from 63.236.240.138.
This host only has a default route. route FIBER 0.0.0.0 0.0.0.0 72.23.219.225 1I'm expecting the crypto map to encrypt traffic as it egresses the FIBER interface but this isn't happening based on the encap counter from the ipsec sa output. crypto map...
The VPN_TRAFFIC_ENCRYPTED ACL is used by the NDistricts2AMIS crypto map. Wont applying this remove the interesting traffic?no access-list VPN_TRAFFIC_ENCRYPTED extended permit icmp 192.168.23.0 255.255.255.0 host 63.236.240.138I applied it anyway, c...
