Hi All,We are working with a vendor to set up a TrustGrid appliance. We have an FTD pair in HA mode that is managed via FMC. We are migrating the vendor's current network from an existing IPSec tunnel to the TrustGrid appliance based firewall. The ne...
Forum Posts
Resolved! FlexVPN AnyConnect-EAP certificate
Hi there,I am trying to make a FlexVPN AnyConnect-EAP with local authentication using both user and certificate working. However if I use only local user authentication it works but I am not able to make the certification part working. I am still get...
Hello Guys,We have Cisco ASA 5508 on the leaseweb cloud. We have almost 17 site-to-site VPN instances. I have attached the screenshot for security reasons I have hidden the pubic IP address. The Local Network in attached screenshot is same subnet 10....
Dears I face below error with configuring FlexVPN on Cisco router C1111 for Cisco AnyconnectFrom logs , i see this error """ Failed to receive the AUTH msg before the timer expired """I have attached files of1- running config2- Debugs Crypto IPSEC de...
Hi,I am setting up SAML on a firepower 2100 to use Google workspace as an identity provider. the Google configuration asks for an ACS URL and an Entity ID for the service provider. I can find thids information anywhere on the FDM can someone please h...
Resolved! ASA Restore backup
Hello,How long does it take to restore a 130MB backup of a standalone ASA following an RMA?It's been 30 minutes, and my restore is stuck in 38%. Is this normal?v9.15.1.15Thank you.
When I connect to vpn (anyconnect), search domains stop working. (I try to solve it by adding config file to /etc/resolv/ (this is solve this problem on previous major versions), but this not working even add this one)nslookup/dig and host are workin...
Resolved! Anyconnect
Hi How can i assign a policy group to a user in a router? So i will assign a policy to a group of members and an other group to other members. There are differesnt acl for different services. br webvpn context SSL_Contextgateway SSLVPN_GATEWAY!...
Hi!Please, I need help with the Cisco Anyconnect (Cisco Secure Client) and Azure vFTD. I've tried a bunch of options and feel like I'm missing something. May be some one made the same things.I attached a schema of my test connection lab. The root of ...
Resolved! Troubleshooting and Logging
I am new to ASAs, I have an ASA 5516-X, and am trying to troubleshoot a VPN tunnel not coming up. In ASDM, regardless of the logging level, I never see the remote tunnel IP. I have the same issue if I use debug crypto ikev1 on the CLI. However, if I ...
Hi all,I have created a VPN and seeing strange results. The side I manage shows to sessions connected to the same endpoint with phase 1 up on one session and down on the other. BGP is enabled across the VPN but is also not coming up. ----------------...
Hello Configured a VPN tunnel between the Cisco router and NSX Edge Gateway. IKEv2 and Tunnel178 tunnel interface were used.After some time, the logs began to appear about the fall and rise of the tunnel interface.Example:VRN-CISR-01 # Sep 23 08: 50:...
I stucked with ipsec configuration between cisco asr1001 and c9300x (asr1001-asr1001 works and c9300x-c9300x works)My config for asr 1001crypto ikev2 proposal ikev2_proposal encryption aes-cbc-256 integrity sha512 group 5 crypto ikev2 policy ik...
Problem device: Cisco router 4331 / isr4300-universalk9.16.12.05.SPA.binWe have a running Ipsec IkeV2 ConnectionCisco router 4331 < - ISP Router -> Cisco router 4331Public IP 193.2x.x.25 < - 46.x.x.198 -> Nat to IP 192.168.1.100Most of the ...
I need to block some public addresses (19.16.0.0/16 for example) from attempting to connect to my ASA.# already have this:object network spam_ip_19_16 range 19.16.0.0 19.16.255.255access-list acl_block_ip extended deny ip object spam_ip_19_16 any# ...
