local crypto endpt.: XXX.XXX.100.1, remote crypto endpt.: XXX.XXX.40.68 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0/0.100 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none
Doing a traceroute from XXX.XXX.100.6 it hits the physical ip of XXX.XXX.100.2 and goes to the next hop instead of hitting the crypto map and getting encapsulated because Phase 1 is not starting.
When I issue a debug crypto isakmp nothing happens. I also added an access list on my edge device logging all traffic in and out to XXX.XXX.40.68 and I get zero hits.
After all my troubleshooting I think that the traffic is not hitting my crypto map for some reason.
PS...is there a way to source a ping from the virtual IP?
IntroductionComponentsISE ConfigurationEnd user perspective and Validation
Cisco Identity Services Engine (ISE) gives you intelligent Integrated protection through intent-based policy and compliance solution. ISE supports external MDM ...
This video provides the steps to configure the Cisco Threat Response (CTR) and ESA Integration.
This is live on the portal:https://video.cisco.com/video/6159336218001
And on YouTube:https://www.youtube.com/watch?v=UCKIdx5rdFg
I need to migrate from C170 to C190 and have already match to the same Firmware Version. I have a question. Is there any method that can export and import the configuration file instead of form cluster ?
This AMA will serve as the Q&A for the Cisco Live Digital breakout DGTL-BRKSEC-1011 - "A Challenger Appears: Defending Mailboxes in the Cloud" which covers a brand new product which will be announced during the event: Cloud Mailbox Defense.