Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello Everyone,I've experienced this issue on three seperate occasions now. What happens is that a connected client will suddenly loose connectivity to everything but the ap registration address of the 5760 wireless contorller. A reset of the affecte...
Hello, I have successfully installed a 3rd party cert from GlobalSign on the 5760 for webauth with an open SSID. It works for about a week or two, then for some reason the 5760 stops using the GlobalSign cert and starts giving clients the IOS-self-si...
I'm not seeing anything jumping out at me from the config. At this point I'd configure logging and check the log for what is happening when you attempt the connection. I like to look at the log from the CLI but ASDM would work too.logging buffer-size...
I would add lines to the nonat ACL permitting ICMP in addition to IP. Before you do that, run the packet tracer command again with TCP instead of ICMP. Does it still drop on Phase 3?What did you see from the show crypto ipsec sa command? Was there an...
I don't believe you can do with without adding extra hardware like you mentioned. Your options would be additional ASAs behind the existing ones or a router that you can manage on the outside of them. If security is not a concern and you're only requ...
Your no nat ACL is only performing the operation on IP. ICMP is not IP, which is why I believe your packet tracer is failing. Are things working with TCP? The following traffic defined in your crypto map is being blocked by the access list you have a...
