VPN

Router A internal network 10.1.1.0 needs to access internet network 162.143.0.0. IPsec configuration tells the router to run it through the tunnel which terminates on internal interface 10.2.1.1 of a remote head end ASA with an external facing interf...

My company allows any computer logon to the VPN (ie non-work computers). The thought is that clientless VPN is more "secure" since it would be harder for something malicious from the computer to get passed through the clientless VPN. But is that real...

Hello, I was wondering if it is possible to assign a different group policy based on anyconnect user agent? I did take a look on the dynamic access policy but I don't see any options to assign the group policy. what we are trying to achieve is, if ...

Hi everybody, I have a trouble with an IPSec tunnel between two routers. When I do a ping then use the command "show crypto ipsec sa" I have 0 packet encrypted and 0 packet desyncrypted too. Here is the configuration of the two routers: Router 1:  ...

I’m trying to get IPSec VPN working with LDAP authentication but I can't figure out why my Group Policy is not working correctly.  When my user authenticates, it looks like the correct ALLOWACCESS policy is being applied but then the NOACCESS policy ...

We have a number of tunnels needing to be configured for encryption of traffic destined for an internet range of addresses. These tunnels are "internal" in the sense that they traverse our MPLS network. Do we have any issue with terminating the tunne...

Before i begin, I just want to mention that I am not very strong on the ASA side of things  What i am trying to achieve is to use Two-Factor authentication when i user tries to VPN into the network using Cisco Anyconnect. One reason behind this deci...

Hi,  I have a ASA device with a management interface with IP address 192.168.1.1/24 and also on this interface are switches that also have ipaddress on the 192.168.1.x range.  The rules on the firewall say that any traffic comming in to firewall on...

My environment is Windows 10 Home edition, AnyConnect Secure Mobility Client v 3.1.100. It is a new computer that came with McAfee LiveSafe - Internet Security installed by Dell Windows 10 image.    Each time I try to connect to my organization's V...

Hi, Could someone please explain me the IKE Phase 1 and Phase 2 rekey process in detail? What are the messages exchanged during rekey? Which message indicate the beginning of rekey? Is it going to re-authenticate the peers? Is it going to impact the ...

OK, so to allow a user on an RDP session to successfully initiate an AnyConnect session, they need to have a profile.xml that includes the settings WindowsLogonEnforcement     SingleLogon (default is SingleLocalLogon)WindowsVPNEstablishment     Allow...

We just upgraded our AnyConnect to Ver 3.1.01065 and we are using a self signed cert with it. We haven't had any issues with the before but now when ever a customer logs on to the VPN using AnyConnect we get " Security warning: Untrusted VPN Server C...