Can anyone suggest how I can configure the ASA to permit the QuickVPN client at the remote site (with the ASA) to connect to the RV042 at SiteA?
Alternatively, advise how I might troubleshoot this?
I suspect it could be a matter of identifying what is being dropped by the ASA (maybe an ICMP packet). I do know the ASA does permit stations at SiteB to ping internet addresses (so ping and reply packets are permitted for normal NAT traffic). Or perhaps it is dropping or not routing the encrypted return traffic (which my logic would indicate should not be treated any different than other traffic).
In my case the RV042 is a client's firewall/router and we want to be able to connect to it from SiteB.
FYI, on a scale of 1 to 10 my skills with the ASA would be about 4 (I could set one up act as a NAT router and get L2TP\IPSEC VPN to work, but not much else). I'm hestitant to just log a TAC because the VPN client will likely be considered 3rd party to the ASA support group (same company, different division).
FYI: just before submitting this to the forum I found this article which I'll try later today:
Title: CISCO ASA 5510, 5505 Creating A VPN Passthrough
Setting up some 3rd party devices for my Fire and Rescue trucks that will VPN back to our FPR-2110. I can blatantly see what's going on with the IKEv2 platform and protocol debugs on. It's selecting the wrong dynamic map!IKEv2-PLAT-4: (32): Cry...
On January 22, 2020, the Cisco Product Security Incident Response Team (PSIRT) disclosed a vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC). The vulnerability could allow an unauthenticated, remote attac...
Meet the Authors Event - A Cybersecurity Deep Dive with Omar Santos
(Live event – Thursday, January 23rd, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 7:00 p.m. Paris)
This event will have place on Thursday 23rd, January 2020 at 10hrs PDT
Posting this for anyone interested in using a Raspberry PI as a flow collector for Stealthwatch. We created a very lightweight version of our software. It can create flows if the eth port is attached to a SPAN or you can forward NetFlow/IPFIX ...