Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a VPN tunnel that's coming up ok, capture shows the traffic hitting the inside interface, but nothing is getting to the next hop. When I do a packet trace the traffic fails:
QUI-GHP-VFW-001-2# pac input outside raw 172.17.60.134 1 8.39.192.13 ...
I have a VPN tunnel that's coming up ok, capture shows the traffic hitting the inside interface, but nothing is getting to the next hop. When I do a packet trace the traffic fails:
QUI-GHP-VFW-001-2# pac input outside raw 172.17.60.134 1 8.39.192.13 ...
I have a 5550, we want to poll the inside interface using a snmp monitoring app. I added the "management-access intfname" to allow the polling, but the snmp polling server isn't able to get info from the interface. The poller is getting info from i...
How do I move between CATos and CATios modes while connected to the console port?the IOS I'm running is:Cisco Internetwork Operating System Software IOS (tm) MSFC2 Software (C6MSFC2-JSV-M), Version 12.1(8b)E7, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)T...
We have several routers around the world connected to a VLPS cloud. We want to backhaul the traffic, Inet and private, for some of the smaller sites through other larger sites. These smaller sites usually have an internal routing switch connected t...
So if the ACL on the outside interface isn't being processed what ACL is being refered to in
Phase: 4
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7f98e1dd6200...
The outbound direction works. Remote users, anyconnect, connect remotely.
My big question is, is VPN traffic, after it's decrypted, filtered through an ACL applied to the in direction on the outside interface?
Do you know?
There is a bug introduced in 8.4(2) and above that prevents management traffic (ping, ssh, snmp etc) from a vpn tunnel to the interface defined in "management-access intf". See the release notes for 8.4(2) for a complete discussion.Add the key-word r...
The solution is, there is a bug in v8.4 and above that prevents monitoring traffic (ping, ssh, snmptraffic, etc) from a VPN tunnel to pass through the ASA and connect to the interface with the management-access command applied on the ASA. This bug i...
