Showing results for 
Search instead for 
Did you mean: 

Forum Posts

ASA keeping session active after client powers down.

Hi,My ASA is holding on to  sessions too long. We have devices that use vpn tunnels in the field. They are occasionally rebooted. They use usernames for static IP assignment from the ASA. Trouble is when the device powers down, the VPN is not ending ...

KGrev by Beginner
  • 8 replies
  • 0 Helpful votes

Resolved! ASA not releasing vpn connection fast enough.

Hi, I have some devices that occasionally get rebooted while there is an active vpn session. They use local user names and passwords with a static ip assigned.The problem is when they reboot it is very quick and the vpn has not ended the previous ses...

KGrev by Beginner
  • 3 replies
  • 5 Helpful votes

Resolved! DMVPN Spoke with a Private IP

We are planning to build a DMVPN setup. The hubs all plan to have static Public IPs. The spokes however, in some cases will sit behind an ISP router and have private IPs. In some cases they will have LTE CG-NAT IPs.    We only need Spoke to Hub tunne...

ronit by Beginner
  • 1 replies
  • 0 Helpful votes

FirePower - Adding a Policy for VPN users

Hi,   We would like to add a policy for other VPN users to allow access to a specific internal device. I have not been able to find any documentation on how to do this.  Could anyone provide the procedures or documentation for this?  It would be grea...

Issue with certifcate on 1111-8P

We use a Cisco router in our DC as a CA server, this weekend the old cert expired and the new one took over at approx 98% of our sites. The ones that did not are all 1111-8P's on IOS XE. I have checked and other 1111's on the same code and they did a...

Resolved! Dynamic Split Tunneling or ACL with FQDNs

Hi guys, ASA and AnyConnect are new to me. There is a requirement to inject dynamic IP address(s) based on the DNS lookups for a specific website via the AnyConnect tunnel. What above-mentioned technics is the best for this? Thanks,myky

Myky by Beginner
  • 4 replies
  • 0 Helpful votes

Resolved! IKEV2 on ASR1001 using crypto map

Hi guys, hoping someone might have some pointers.I'm tryng to set up an IKEv2 vpn but going round in circles. I have a number of IKEv1 vpn's connected using crypto maps on our external interface. I've been told that the most recent config advice woul...

bbqbruce by Beginner
  • 17 replies
  • 0 Helpful votes

Resolved! Help setup routing through VPN tunnel

Hi,I have the following setup and I have the HUB and SPOKE connected through a IKEV2 tunnel using FlexVPN. The problem is I can't ping remote subnets from either router. VLAN @ ISR172.16.5.0 VLAN @ ISR172.16.11.0 @ CSR (A loopback just for...

Screenshot 2022-06-07 121404.png

IPSEC into Firepower and Cisco ASA (no found)

I am trying to make an IPSEC between a Cisco Firepower Management Center 1000 FW and a Cisco ASA 5508 but I am not being able to make them see each other. I don't see logs anywhere of IKE attempts on any version. I tried in V1 and V2, with all the po...

l2TPv3 Tunnel issue

Hello everyone,i'm trying to establish a l2tpv3 tunnel, between two ISR4331, the configuration is very simple and everything seems to be ok, but i can´t ping from site A to Site B: Site A -- ISR4331_A »»»»» RouteC892 »»»»»»» ISR4331_B  -- SiteB confi...

fcardoso by Beginner
  • 0 replies
  • 0 Helpful votes

Assign VPN group policy on FTD-2110 managed by FMC

We are moving from an ASA5545-X to an FTD-2110 (in FTD mode). On the ASA, we can define the VPN group policies per user in the LOCAL user manager. Is there a place to do this on the FTD? I have not been able to locate this, and I am trying to prevent...

bhallman by Beginner
  • 2 replies
  • 5 Helpful votes
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers