Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi guys,I am doing some basic VIEW config with Cisco ACS 4.2 and I've had a issue below:1. %AAA-6-USER_BLOCKED: Enable view requires to be authenticated by non-none methods,Please use the appropriate method with the login authenticationNone method ...
Hello,I have done configuration for Hub/Spokes in th DMVPN Case and It's worked fine. But after reload Hub and I saw some error output below although I've added crypto isakmp invalid-spi-recovery command in the Hub & spokes :*Oct 7 03:10:03.175: %C...
Hi Guys,Anybody has been done VPN site-to-site between ASA and Router with certificate authentication by using another router action as PKI Server? In my case: | R4(NTP/PKI Servers)||(dmz) |-----R1------- (inside)...
Hi Guys,Anybody has been done VPN site-to-site between ASA and Router with certificate authentication by using another router action as PKI Server?In my case:| R4(NTP/PKI Servers)||(dmz) |-----R1------- (inside) A...
Hi Wzhang,Thank you for responding my case but "crypto isakmp keepalive command" can not help in this case. I looking for How to know processing recovery look like output debug? anybody know this?Regards,Tran
Marcin,Absolutely , tunnel-group based on IP address and the debug is previous issue (Phase 1 is not completed). I'm just confusing about reporting in the debug Certificate was successfully validated ....I didn't see DH take over and create shared se...
Marcin,Once again, your question is:what is done after initiator's certificate has been validated?and the validation you were seeing is certificate being valid (not expired, not in CRL) and not identity of other peer Marcin, I saw in the debug and I...
Marcin,the info for you:%ASA-7-713906: IP = 136.1.122.200, Trying to find group via OU...%ASA-3-713020: IP = 136.1.122.200, No Group found by matching OU(s) from ID payload: ou=CCIEsec,%ASA-7-713906: IP = 136.1.122.200, Trying to find group via IKE...
