So the laptop with no VPN client gets an IP address via DHCP from the 881 and can then ping the remote network; it connects through the peer .1, as this is first in the EzVPN config.
A laptop with a Cisco VPN client then connects to the 881, gets an IP address from the 881, and can then run the client and make a connection to the peer IP address of .1. Upon doing so, the 881 locks up (seen by the stopping of a continuous ping to the remote network).
The only way to resolve the issue is by resetting the exterior interface from the 881 to the 1800.
BUT when the VPN client is set to connect to the .2 peer, it connects with no issues.
The thought is that the VPN client has the peer of .1 and the EzVPN config has .1 as its first peer, so it 'sees' the request and thus sends the second VPN request (from the laptop) down the EzVPN tunnel to the peer, and this causes the lock-up of the device.
Getting there now; the question is: how can I configure the 881 so that it doesn't send the VPN client connection down the already created EzVPN link?
If anyone can point me to the relevant documentation, I'd be very grateful.