local crypto endpt.: XXX.XXX.100.1, remote crypto endpt.: XXX.XXX.40.68 plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0/0.100 current outbound spi: 0x0(0) PFS (Y/N): N, DH group: none
Doing a traceroute from XXX.XXX.100.6 it hits the physical ip of XXX.XXX.100.2 and goes to the next hop instead of hitting the crypto map and getting encapsulated because Phase 1 is not starting.
When I issue a debug crypto isakmp nothing happens. I also added an access list on my edge device logging all traffic in and out to XXX.XXX.40.68 and I get zero hits.
After all my troubleshooting I think that the traffic is not hitting my crypto map for some reason.
PS...is there a way to source a ping from the virtual IP?
I am installing IDE using Firepower. I have set up firepower on the management port. I gave it a .190 address (last quad). The Firepower management center .189 is on a different subnet. That subnet can ping the interface .189 but not the management port ....
Hello,We have a SDA network with DNAC and ISE.In this network we have different teams with different AD domain and PKI. (domains do not trust each other)Users are only sharing same switches in the fabric. We want to authenticate the endpoints with EA...
Questionhello all , i have a issue about the ise 2.6 redirect url, when i finish ise configuration and try to web auth, what i got shown as below:Redirect URL : https://ip:port/portal/gateway?mac=ClientMacValue&portal=27041710-2e58-11e9-98fb 005...
Community Live video- How to optimize your Cisco Security investments with Threat Response
(Live event - formerly known as Webcast- Tuesday February 18, 2020 at 10 am Pacific/ 1 pm Eastern / 7 pm Paris)
This event had place on Tuesday 18th, Februa...
Join us live from the RSAC show floor on Tuesday, February 25 at 12:30 pm PT (and on demand after) for a livestreaming event that captures the excitement of RSAC and shares the latest from Cisco Security. Host Jason Wright will be joined by Cisco exe...