Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
291
Views
1
Helpful
2
Replies

CTS SXP to outside Interface of ASA

kerstin-534
Level 1
Level 1

‎04-19-2023 01:56 AM

We need Trustsec SXP to ASA via Internet facing Interface for using Security Group Tags in access control lists.

VPN is encrypting traffic to outside interface, the whole SXP connection is encrypted.

Has somebody success in this scenario ? We can see on ASA SYN timeouts, like process is not running on outside interfaces. inside interfaces are ignored by CTS SXP when peer is on other interfaces.

 

 

0 Helpful
2 Replies 2

kerstin-534
Level 1
Level 1
In response to MHM Cisco World

‎04-19-2023 02:12 AM

There is no ISE, this is DC environment with Nexus 9000. There is also no ASAv. This is Firepower 2100.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card