About mattkl3com

mattkl3com · 02-25-2011

I am trying to set up a LAN-to-LAN VPN tunnel between two sites. One site has a 5505, and the other site has a 5510. It looks like the tunnel is being established fine (both ISAKMP and IPSEC SAs look OK), but traffic doesn't appear to be routing ac...

mattkl3com · 10-06-2010

I'm trying to set up my Cisco ASA 5505 to authenticate against and openldap server. My OpenLDAP version:@(#) $OpenLDAP: slapd 2.4.9 (Sep 9 2009 11:22:34) $I have an LDAP group that I want to use to restrict access for the VPN connections.ldap-serve...

mattkl3com · 09-30-2010

I am trying to configure VPN access to my Cisco 5505 with AnyConnect VPN client. Here is the relevant information from my config:interface Vlan2 mac-address xxxx.xxxx.xxxx nameif outside security-level 0 ip address A.A.A.A 255.255.255.240!access-lis...

mattkl3com · 08-06-2010

I have a Cisco ASA 5505, and I'm trying to forward HTTPS traffic to one internal server if it comes from either of two external networks (i.e. X.Y.0.0/16 and C.0.0.0/8), and to a different server if it comes from anywhere else. Can anyone provide me ...

mattkl3com · 05-23-2011

I'll have to check this out at some point. I ended up using a RADIUS server.aaa-server FreeRadius protocol radiusaaa-server FreeRadius (inside) host 192.168.1.20 key ***** authentication-port 1812tunnel-group VPN general-attributes address-pool VPN_...

mattkl3com · 02-28-2011

Figured this out. I had an extra line in the crypto config that needed to be removed from both devices:crypto ipsec transform-set ESP-3DES-SHA mode transportI also removed the route statements to see if it would still work, and it is still working a...

mattkl3com · 02-28-2011

Here's what I got back from the network administrator:I can assure you that these protocols are open as well.We have 4 Site-to-Site VPN tunnels and 53 Remote Access IPSEC/SSL VPN tunnels terminating on an ASA 5520 that is in the same rule set as your...

mattkl3com · 02-28-2011

I fail to see what relevance these access lists have on my issue. The ICMP traffic I'm using to test does not match either of these. These don't show up in the packet-tracer output either.(I removed them for a sec anyway, and no change)

mattkl3com · 02-25-2011

Yes, I have sysopt connection permit-vpn. Here's the full output for the 5505. Settings are the same for the 5510.no sysopt connection timewaitsysopt connection tcpmss 1380sysopt connection tcpmss minimum 0sysopt connection permit-vpnsysopt connect...

Member Since	‎08-06-2010 11:09 AM
Date Last Visited	‎08-18-2017 03:53 AM
Posts	16

User Statistics

User Activity

LAN-to-LAN IPsec VPN tunnel traffic not being routed

Cisco ASA LDAP authentication with openldap and groups

AnyConnect VPN connections to Cisco ASA 5505 denied

Need rules to foward HTTPS traffic based on source IP

Re: Cisco ASA LDAP authentication with openldap and groups

Re: LAN-to-LAN IPsec VPN tunnel traffic not being routed

Re: LAN-to-LAN IPsec VPN tunnel traffic not being routed

Re: LAN-to-LAN IPsec VPN tunnel traffic not being routed

Re: LAN-to-LAN IPsec VPN tunnel traffic not being routed