Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,What is best practice config / design for QoS for data center switches? These switches are connected to servers and distribution switches.Should they be configured with as many DSCP as it could be, or let's say 5 would be enough? How about "auto q...
I've set up a new Cisco Cat 8000v with IPsec site-to-site and IPsec client VPN. The site-to-site is working fine, however the IPsec client VPN hasn't worked. I've followed the instructions in the following link from Cisco:https://www.cisco.com/c/en/u...
Hi,I'm struggling to configure a remote access VPN on a Cisco router. I can configure RA on a Cisco firewall and I can configure site-to-site on a firewall and a Cisco router. Anyone can advise me with some document? What I have found so far haven't ...
Hi !
I have a multicast setup in my network using PIM-ASM.
For some reason a router in my network stopped responding to IGMP requests. Although the show commands for IGMP showed everything works. Has anyone experienced the same thing? I’m planning to...
Hi, I've had 2 routers that are configured with iBGP. Each one of these routers are connected to an external provider with eBGP. I setup a new router with full mesh iBGP and when I connect it to the external provider i get logs saying that R1 and R2 ...
The problem was that the profile XML file was created via Guest-Shell. The file should be created then upload it to the switch in order for RA-VPN IPsec to work
I get cert warning only when connecting with SSL, not IPsec. Yes, I'm using Cisco Secure Client. I have tested now using the subject name, unfortunately, still the same error.The logs in the Secure Client shows: Connecting XXX.Ready to connect.
Thanks @Rob Ingram !
I have exported the cert from the router and imported to the PC. The cert i'm using in the router is a self-sign cert generated on the router. It works fine when I use SSL VPN, but the SSL VPN works only with local authentication...
Thank @Flavio Miranda !
I've imported the cert to the Windows Trusted cert but unfortunately it didn't make any difference. You may see the debug logs.
Do you mean should I remove:
match identity remote key-id *$AnyConnectClient$*
I did and unfortunately it didn't help. The logs however doesn't show the same error as earlier.
As for the ikev2 policy and proposal, they both are there. And for cert...
