VPN

Hello, We have a FMC with a pair of Firepower 2110 in HA. Because the certificate asociated to the VPN SSL trustpoint is about to expire, we need to renew the certificate. We issued the CSR to the client for get the new certificate but the client cha...

Hello,  I create Ikev2 site to site tunnel between  two cisco FPR 1140. I have same subnet on both location and i used source and destionation NAT in one site. My user try access over web some aplication and it is work, but when other site try to acc...

Afternoon All,I am currently working on a Site-2-Site VPN at home I have connected a cable between both Outside Interfaces. It's been a while since I have done this on an ASA5505. I have this little voice telling me there is an issue with the differe...

   I have a tunnel where I have access to both sides.at 12:32AM May 3rd 2024 the tunnel went down and now will not negotiate. No changes were made THIS IS THE FAR side.  This is peer 63.45.114.46May 6 08:48:43.038 CDT: IKEv2-ERROR:(SESSION ID = 1,SA ...

Hi, I have one issue with IPSec tunnel Lan-to-Lan between ASA 5525x (v9.8) and ASA FPR 2110 (v9.16). My Tunnel is up but ping between each client was not successful. Both peer status sh cry isakmp sa in "MM_ACTIVE".I ran packet-tracer icmp between pe...

Hi, as the title says, I am unable to connect to my Cisco Secure VPN after updating my OS from Ubuntu 22.02 to 24.04. The error I receive is"You are missing the required libraries for the authentication method you requested."Upon closer inspection, t...

 Hello and good day,We have set up a management tunnel and are testing it with both AnyConnect 4.10 and SecureClient 5.1. With both VPN clients, we have noticed that the Windows logon takes significantly longer, up to 5 minutes. We use an ASA with so...

Hello,  I use it in IKEv2(site to site VPN)  as I understand it is algorithm, but I don´t understand it, can someone explain me it, or send me some link. PRF: For IKEv2, a separate pseudo-random function (PRF) used as the algorithm to derive keying...

Following upgrading to upgrading to 5.1.2.42 to fix the vulnerability CVE-2024-20337Within Microsoft Defender this is still flagged as vulnerability for the CVEIt appears to refer to a component of the install:C:\Program Files (x86)\Cisco\Cisco Secur...

Hello,I want to set up a IPSec IKEv2 VPN to a central ASA. On my side we have a cisco 897.First I tried a crypto map configuration. Didn't work because the IKEv2 SA goes UP and immediately goes DOWN with the error message "IKEv2:(SESSION ID = 1,SA ID...

Hi Everyone!I’m trying to use the Dynamic Access Policy in Cisco FMC to create a RA policy for specific VPN profiles.I’m trying the new FMC DAP option under Device/VPN/DAP.Have someone ever used this feature to create a policy like this:If the user s...

On my Windows 10 computer, I can connect to the VPN using AnyConnect 3.1.02026 without difficulty. However, once I disconnect, I need to reboot my computer to connect again. When I try to connect the second (and subsequent) times I get the message, "...

We are running Cisco Secure Client 5.1.2 and have a requirement in that if the VPN cannot connect how can I still allow access to say microsoft / 365.Have tried setting the allow access to the following hosts with vpn disconnected in the profile but ...

I have a customer who is trying to connect to their SSL VPN via AnyConnect client. They have a Cisco ASA 5515x running ASA 8.6(1)2, using AnyConnect for windows 3.1.03103. They are on a  laptop that is running Windows 7. When the attempt to connect ...

Now that LDAPS to Duo Cloud has been deprecated, is there still a way to protect VPN access to a Cisco ASA using logins that are local accounts on the ASA?  And is it possible to do without a proxy server in the middle?  Everything I have found point...