Howdy Cisco Community!Need your help as fairly new trouble shooting site to site VPN connectivity.I am unable to establish VPN connectivity per information below.Site:1crypto ipsec ikev2 ipsec-proposal CSM_IP_1protocol esp encryption aes-256protocol ...
Forum Posts
Hi here,I'm looking for advice on editing my DefaultProfile.xml in Cisco and deploying it via policy to all Mac devices to establish a new connection. However, it seems that my Mac is retaining memory of the last successful connection, making it appe...
I'm hoping I can explain this clearly enough. I have a remote site with a site-to-site tunnel. From the Home Office and the remote site, we are allowing a split tunnel, but we need to tunnel a specific external site via the home office.The IP Scope f...
Hi All. I would like to get your thoughts on the following issue i have been facing since implementing Dual ISP and failover for site-to-site vpn tunnels.Hub Site:ASA5515 using 9.6(4)42Spoke sites:Cisco ISRs using 15.1(4)M8, using voip services over ...
I have a requirement for VPN with MFA for a subset of users, while protecting the other users from Spray attacks. Scenario: Customer is currently implementing VPN with MFA for a defined set of users (1/3 of staff)Most users do NOT have a requiremen...
Running Window 10 fully patched and I've installed Secure Client on a bunch of our users machines. Things seems to work for the most part, but there is an annoying behavior that I can't seem to find the cause of. Randomly, multiple times a day, the S...
Hello, we're running Cisco Anyconnect 4.2 NAC to connect to our VPN. I'm running into an issue where it's telling me that there are no network adapters. I've tried uninstalling/re-installing the network adapter drivers, Cisco NAC and I just can't get...
We are having an issue were after disconnecting from AnyConnect and connecting the next day, they get a new IP in AnyConnect but in our local DNS they have another IP which I assume is probably from the day before. This obviously causing name resolut...
OK, so I've got a set of ASA's and we are migrating them to Firepowers, and all seems ok. In the past we have noticed that for some reason on the ASA's, no matter what you specify as the parameters for phase 1, the rekey timer always connects at 3600...
Good day to everyone.I have two Cisco ASA running on FPR2130 assembled into a balancing group, for example:vpn-gw1.example.comvpn-gw2.example.comgeneral address vpn.example.com.Firmware version 9.18.3.56Anyconnect 4.10.07062At the moment, all our emp...
Hi, We are trying to implement Azure SAML SSO on our Firepower 1010. We are using ASA 9.19.1 and Secure client 5.0.02075. When we try the login via Azure by clicking the "Test this applicaton" the login works and there are no errors in the logs. The ...
Hello Team,I have below topology : -I have ipsec vpn from on-prem to aws cloud. the two endpoints [192.168.40.10/32, 192.168.30.10/32] work fine as they are allowed on the encryption domain.I have users using remote vpn to connect to on-prem dc to a...
Hello, Is it possible on Cisco FTD managed by Cisco FMC define multiple DH Group in Phase2 ? From what i see it is just possible one. I tried put , but it doesnt accept. Also looking maybe for option to add thorugh flex config but didnt find any rel...
Cisco AnyConnect Secure Mobility Client version 4.10.04071 shows "No Wi-Fi adapters available." when in fact there is an active wifi connection. I can also make a VPN connections.Seems like a GUI error?See screenshot:To reiterate
Hi, I am currently encountering issue on route-based ipsec vpn. I cannot ping my remote IP also the remote tunnel. I have verified that there is no decap showing on packets. I already configured static route between each site and still unsucessful of...
