I have a tunnel built out and peering between a Palo Alto 3020 and a Cisco 1841. The Palo can ping the inside interface of the router, via the tunnel, but the router can not ping anything but the outside interface of the Palo. How do I add a route to...
I have some questions on how phase 1 operates on an ASA. We use an ASA in our data center for vpn only & there are currently 27 actives tunnels that are up. Using the command "show vpn-sessiondb l2l" I can see that there are a variety of encryption...
Hi, I am seeing a log in my HA ASA like this, "20000 AnyConnect Premium sessions exceed the limit on the platform, reduced to 10000 AnyConnect Premium sessions." Have any idea what causes this? Thanks
We've had existing site-to-site VPNs established with clients for over a year. We've recently moved facility and changed our gateway device to a Cisco ASA 5515. Previously, the VPN gateways were Cisco 800 series routers. The clients have updated t...
We took over a client for a company and are in the process of setting up the pre-login portion of AnyConnect 3.1.00495 but are not able to find the anyconnect-gina-win-3.1.00495-pre-deploy-k9 portion of this package on their servers. I have looked o...
Hello, we've got a ASA5525-X, v 9.8.2-33 and Anyconnect v 4.6.01103, authentication with Cert, SBL working, Anyconnect is connecting to "vpn.company.com/anyconnect", so everything's fine. Now I want a Test-PC connect to a Test-ASA with an externa...
So from what I understand the ASA uses TCP port 443 by default for Anyconnect SSL VPN. With this in mind say that a remote user sitting on their home internet connection wants to connect to their office using anyconnect to look at some files. If I...
Hi guys My cisco device is Router 2911. When I apply an IPsec profile to the interface tunnel I have a problem in CPU usage being increased by Crypto IKEv2. POL#show proc cpu sorted 1min | exclude 0.00%__0.00%__0.00% CPU utilization for five second...
Hi, would really appreciate your help. Currently I have a network topology setup, comprising of Inside,DMZ and OffSite zones configured with ASA. On the ASA, I have configured Anyconnect to be authenticated with Windows Server. Everything's perfect w...
Hi guys. Just curios what this? I have DVTI IOS router (HUB) as VPN gateway and many dynamic sites with IOS gateways (SPOKE) as well. Everithing looks like working fine. VPN, sessions established. dynamic subnets exchanged via VPN Just my curiosi...
Hi, Could I have a URL to find explanation for these TCP flags in PIXTCP out 10.49.50.61:7500 in 10.49.53.230:2723 idle 0:09:18 Bytes 225 flags UfrIObest regards
Currently users have the ability to choose whether or not to log in via the Anyconnect window. We would like the ability to stop this,so the user has to log into VPN and cannot access any resources, websites etc, without coming in via the company web...
Got a slight question mark here. Have 2 remote site connecting to the main HQ. Remote site A is doing local NAT to the internet and got a VPN tunnel up and running to HQ. (This is OK no issues here) On Remote site B, I want to tunnel all traffic up t...
Hello, I am currently experiencing an issue with this message showing up in my syslog for several of my 7206VXR's they are running 12.1(14)E6. Aug 2 10:20:16 router 400: Aug 2 10:20:15: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has...
Setup----------ASA5525-X running ASA-OS 9.8(2)35, configured as a VPN Headend gateway, using Native windoze 10 embedded VPN client.(This translates into Old school IPSEC Remote Access VPN, but using IKEv2 Policies)AAA is done using Certificates and L...
