Hi all,We are running an ASA 5512-X firewall running firmware version 9.12.4(62) from September 2023. It is end-of-life and will be replaced in the next few months. Until then I have to make do with this firewall.We are using AnyConnect, or in this c...
Forum Posts
Hello, I try to authenticate RA VPN users connecting to a FTD device. The radius requests are going over a L2L IPSec tunnel to an ISE server, but no radius packets reach the ISE server and the radius debug on the FTD just show RADIUS_SENT:server res...
Hello,I have a IPSec VPN setup on my ASA which allows the client to reach the inside. I've added a DMZ and I would like to allow VPN access to it as well. I have made the configurations to allow access but it's not working. Can some please let me kno...
Hello everybody,our customer has a Firepower 2130 running ASA-image rel. 9.14(3)18 and it has hundrets of S2S tunnels configured.We are in the process to change all S2S tunnels from IKEv1 to IKEv2 andin the most cases it is not a problem.But this tim...
Hello, I have a hub and spoke topology with IPSEC tunnels (FlexVPN) and the tunnels are working good. The problem is that I have unwanted ikev2 requests every minutes, while the IPSEC tunnel is already established to the hub. When the tunnel is admin...
HejI have a Linux server (no-gui) that we want to connect to Anyconnect. But I am having a bit of a trouble figuring out how to connect to Anyconnect from Linux terminal.From some googling this is what people seem to use the command below, but I get ...
Hi Members,Can anyone help me with configuring my asa with anyconnet vpn so my users can access different subnets in Azure?I've deployed the asa already and interfaces are picking up correct ip's. Im stuck at the routing and the asa configuration.Has...
Hi, We have an issue with a secondary ASA in multi context not getting the shared Apex licenses, we need to get the secondary ASA added to the existing Apex license, can anyone please advise. Additional, please share the details. what are the diff...
Hello Team,Does there any way to get AnyConnect deviceuniqueid from windows 10 to add this Attribute to DAP on ASA.I can't find it by anyconnect driver details thanks in advance.
Hello Team,Need ideas on how to implement 2FA on cisco AnyConnect for remote VPN.Currently users are authenticating via Microsoft AD.Thank you.
Attempting to come in over VPN where I have hairpin NAT enabled to allow outbound access, as well as source NAT for the inside interface for all inbound traffic. This all works and I can access the internet as well as access any internal host, but I ...
Hi, Upgraded ASA from 9.14(2) to 9.18(3). After upgrade Anyconnect can't connect. "Wasn't able to establish connection with specified secure gw. Try again"From ASA log.Authentication radius - passedAuthorisation ldap failed.In logs i see, that certif...
We have a site-to-site VPN topology like this:site 3---------site 1---------site2We have some remote access users that VPN into the ASA at site 1. They can access site 2 just fine, so I tried to copy the config (changing to relevant networks) to allo...
I have configured SAML authentication for AnyConnect using Azure/Entra and this is working well, I am now trying to configure a dynamic access policy to assign an ACL based on attributes received in the SAML token but it is not working as expected an...
Resolved! ASA VPN not connecting
I am new to configuring VPNs and have this topology.Background: we just added site 3 and created the VPN connection and it is currently working.site 3 ---VPN------- site 1------VPN----- site2Site 1 can communicate with both site 2 and 3. However, sit...
