Hi,I'm trying to get DMVPN (mGRE over IPSEC) to establish over different FVRF and IVRF on the hub side.Just for clarity, hub IP is 10.1.1.1, spoke's is 10.2.2.2 (obviously I have routing between the 2, they can ping each other etc)If I use an interfa...
Hi All,We have a Cisco 3110 firewall acting as the termination point for remote access VPNs. There is another vendor's firewall positioned in front of the ASA. Since there is public IP scarcity I want to know if there is a possibility or a workaround...
Hello,while trying new Cisco Secure Client 5, on Firepower 21xx (same on FPR4112) with ASA 9.18.3.56 and ASDM 7.19.1.95 I can't access the Profile Editor: if I click on the "Secure Client Profile" ASDM still shows me the Client Images.I've tried to r...
Hello Pros, we have 5 2960x, , with the latest STIG released on last Wednesday. we need to update the NTP authentication to now use SHA-256. The current IOS is running is C2960X-UNIVERSALK9-M I was trying to add (config)#ntp authentication-k...
Hi,I'm trying to get the workaround described in the chapter "Connectivity Issues with VM-based Subsystems" from the AnyConnect admin guide to work.https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/Cisco-Secure-Client-5/admin/guide...
My topology contains 3 branches (Clusters) each cluster representing full working network, 2 ISP routers (1 ISP for branch 1 and 2) and a BGP ring (the ISP routers connected to different routers in the BGP ring). The branches could communicate betwee...
I am trying to enforce users to use Cisco secure client (AnyConnect) and prevent them from access the internet unless they connect to VPN while they outside the network. I am trying to apply this with Meraki MX firewall Any thoughts ?! VPN and AnyCon...
I'm using Cisco Secure Client app on MacOS (Sequoia). I connect my Mac computer via ethernet. The VPN works fine. However, I need to share my VPN connection via wifi hotspot.Sharing my ordinary internet connection via wifi works fine — my phone conne...
I have a web server running on 443 so I want to move the RAVPN to another port. After using FDM to change the port number, the CLI debug shows the FTD is listening on the new port. But the Secure client does not connect and says check internet connec...
Hello! I want to install Cisco AnyConnect 4.804036 on a MacBookPro with OS Catalina 10.15.4 and when is about to finish the installation process, I get this error:after that I can see the AnyConnect icon installed under the applications folder, b...
I tried to upgrade the IOS of a VPN router to 17.9 and the crypto map (interface IPsec) got removed on Port-Channel interface. crypto map vpn 55 ipsec-isakmp set peer 10.10.10.1 set transform-set IPsec-proposalX set ikev2-profile IKE-ProfileX ...
Our RAVPN has been working great for awhile. It has been using Split Tunneling using an eACL without issue. With the introduction of Dynamic Access Policies we decided to take advantage of them to increase our security posture. The issue that I am ha...
My topology contains 3 branches (Clusters) each cluster representing full working network, 2 ISP routers (1 ISP for branch 1 and 2) and a BGP ring (the ISP routers connected to different routers in the BGP ring). The branches could communicate betwee...
Hello, I have a FPR1010 managed locally ( FTD ) with Anyconnect setup with Azure SAML configured as authentication. I am using the recommended software version. I get the Authentication failed due to problem retrieving the single sign-on cookie erro...
Hi, I found an old ASA 5506-X device in my closet and was going to try to make one last attempt at setting up a IKEv2 site-to-site VPN with certificates to a Linux Strongswan peer. I have a private CA that signs certs with openssl. The Linux peer has...
