I am facing issue with one of the VPNs setup for our customer. Once the tunnel is established, it works fine. But I suppose during the SA re-keying the ASA detects duplicate messages from Checkpoint and the tunnel is dropped briefly. Eventually one of the SPIs is accepted and the tunnel comes up without any intervention.
I have compared the VPN config with the remote end and it seems to be correct. The renegotiation timings are as follows:
Phase 1 Renegotiation time: 1440 minutes
Phase 2 Renegotiation time: 480 minutes
Also find the attached logs from the ASA where,
A.A.A.A is the IP of the Checkpoint firewall
C.C.C.C is the IP on the ASA.
B.B.B.B is the server IP behind the ASA and D.D.D.D is the server IP behind the Checkpoint firewall.
Hi Guys, I have RA AnyConnect VPN configured for users on FTD via FMC (Both FMC and FTD are version 6.6). AnyConnect has been running fine. I have multiple Connection Profiles for RA AnyConnect, each Connection Profile has about 50-100 us...
Cisco ISE Secure Wired Access Prescriptive Deployment Guide
Authors: Hariprasad Holla (until June 2018), Mahesh Nagireddy (until Dec 2018)
For an offline or printed copy of this document, simply choose ⋮ Options > Printer ...
Meet the Authors Slides- SecureX and the Evolution of Security Orchestration Automation and Response
(Live event – Wednesday, 20th, 2021 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris)
This event had place on Wednesday 20th, January 202...
The following guide goes over the in and out of the Cisco Endpoints Security Analytics Dashboard as an overview and faq page
For more information on the solution please visit the CESA POV page
Building content as of 1/19/2021
Most of the informati...
Join us live on Tuesday, January 19 at 10:00 am PT (and on demand after) as we discuss the latest version of ATT&CK and the expansion of TTPs in v8.
As a security expert, you are tasked with protecting your environment. You see the value of...