Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am trying to set up a LAN-to-LAN VPN tunnel between two sites. One site has a 5505, and the other site has a 5510. It looks like the tunnel is being established fine (both ISAKMP and IPSEC SAs look OK), but traffic doesn't appear to be routing ac...
I'm trying to set up my Cisco ASA 5505 to authenticate against and openldap server. My OpenLDAP version:@(#) $OpenLDAP: slapd 2.4.9 (Sep 9 2009 11:22:34) $I have an LDAP group that I want to use to restrict access for the VPN connections.ldap-serve...
I am trying to configure VPN access to my Cisco 5505 with AnyConnect VPN client. Here is the relevant information from my config:interface Vlan2 mac-address xxxx.xxxx.xxxx nameif outside security-level 0 ip address A.A.A.A 255.255.255.240!access-lis...
I have a Cisco ASA 5505, and I'm trying to forward HTTPS traffic to one internal server if it comes from either of two external networks (i.e. X.Y.0.0/16 and C.0.0.0/8), and to a different server if it comes from anywhere else. Can anyone provide me ...
I'll have to check this out at some point. I ended up using a RADIUS server.aaa-server FreeRadius protocol radiusaaa-server FreeRadius (inside) host 192.168.1.20 key ***** authentication-port 1812tunnel-group VPN general-attributes address-pool VPN_...
Figured this out. I had an extra line in the crypto config that needed to be removed from both devices:crypto ipsec transform-set ESP-3DES-SHA mode transportI also removed the route statements to see if it would still work, and it is still working a...
Here's what I got back from the network administrator:I can assure you that these protocols are open as well.We have 4 Site-to-Site VPN tunnels and 53 Remote Access IPSEC/SSL VPN tunnels terminating on an ASA 5520 that is in the same rule set as your...
I fail to see what relevance these access lists have on my issue. The ICMP traffic I'm using to test does not match either of these. These don't show up in the packet-tracer output either.(I removed them for a sec anyway, and no change)
Yes, I have sysopt connection permit-vpn. Here's the full output for the 5505. Settings are the same for the 5510.no sysopt connection timewaitsysopt connection tcpmss 1380sysopt connection tcpmss minimum 0sysopt connection permit-vpnsysopt connect...
