VPN

hi, i have ASA and there is site to site vpn configured with SITE-A. now additional requirement , i want to create one more tunnel using VTI (GRE) also , i have to translated two of my local subnets as there is IP address conflict on the other side S...

My vpn connection fails with the following debug messages:   ISAKMP: encryption 3DES-CBCISAKMP: hash SHAISAKMP: default group 14ISAKMP: auth pre-shareISAKMP: life type in secondsISAKMP: life duration (VPI) of 0x0 0x0 0x70 0x80 ISAKMP:(0):Preshared au...

Hi guys, My VPN is using cert based authentication but we just found out that even non-corporate devices can still connect to the VPN by not checking the "Block Untrusted Servers" in the AnyConnect settings. Is it possible to block those non-corporat...

I have created an LDAP connection with our domain controller and can successfully authenticate.  I have 3 different tunnel groups that are tied to one general anyconnect group-policy.  The 3 groups that I am working with are Network Operations, Sales...

Hi All, I have an ASA in the field that has a VPN tunnel with two peer IP's listed; The first one is to DC1 and the 2nd one is to DC2. crypto map outside_map 1 match address outside_1_cryptomapcrypto map outside_map 1 set pfs group5crypto map outside...

Hi Guys,   Hopefully someone can help me, we are having numerous users (not all) having an issue whereby when they connect to VPN using Cisco Any-connect (Version 4.3.04030) it keeps dropping the connecting after 1 minute or so maybe even 1 minute 10...

Please i have this challenge i have been battling with, i have 2 radius servers, ISE 2.2 and  Microsoft Network Policy server. I have 2 SSID created for each radius server authentication. Let me call them ISE-SSID and NPS-SSID. My task is to make sur...

I need help in knowing If through "CISCO ANY CONNECT"  client MAC address information would be send in syslog payload. We are building a security monitoring use-case with a client, where we plan to whitelist MAC's and detect unauthorized access from ...

Hello, One of the vpn user is not able to access internet when connected to anyconnect vpn.the asa setup itself looks to have split tunnel enabled with 0.0.0.0 allowed all access list applied.Below is the configuration. please correct me if my unders...

Hello there... I have a scenario that we are trying to work around but have been unable to do so.   I have 54 Calamp Vanguard 3000 wireless routers in the field for a project.  These devices utilize the FreeS/Wan VPN tool to connect.  Each of these d...

Hi I have a dynamic multipoint VPN using GRE working on a 1841 and I would like to migrate it to cisco 886VA with advipservices license... Now while ISAKMP ports are listening c886#sh control-plane host open-ports | i ISAKMP udp ...

Hello,   does anyone know how to check if client's workstation has got all security updates installed(assuming it is windows 7,8,10) before allowing it to connect to ASA firewall using cisco VPN.   I have only found how to check if specific hotfix wa...

Hi, Can someone help me on Out of band products? Does anyone have any ideon out of band vendors?..If yes, please share with me the list of vendors for out of band management...