Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search results for query: *

  1. dunks59

    VPN smartcard access

    Yes. Resolution I ended up resorting to was recreating the trust points. Essentially what I figured was that ASA would get to the point where it wld needed to exchange it's identity with the clients; said ID wld be based on the issued cert from the Microsoft CA. This acting as a identity...
  2. dunks59

    ISAKMP error?

    I'm attempting to setup an other Cisco ASA5520. Getting the below error. The part that I presume is the problem is when the ASA says "Attempt to get Phase 1 ID data failed while constructing ID" After that the connection is drop by the ASA and the Client says something on the order of server...
  3. dunks59

    crypto-map how to?

    can someone direct me where I can find some sort of how-to or background data for crypto maps? I'm configuring an ASA 5520 and I just about have the thing working but having an issue with the crypto maps (I think :). I'm setting up the unit using the CLI (not the gui thing) and have...
  4. dunks59

    ASA ip forward-protocol

    Does anybody know if you can do something like the Cisco IOS routers do for ip forward-protocol on a Cisco ASA? There is a dhcp helper command but I don't see the generic ip forward protocol. What I'm trying to do is for a XDMCP broadcast from one interface on an ASA and forward this to a...
  5. dunks59

    VPN smartcard access

    Ok tks. But not tracking as the beast says that the cert is valid. Does that mean s/t else? Anyhow, I dub that the cert map or tunnel group is incorrectly configured as it's not passing the user to the aaa server (ldap) for see that he shld have access. From the looks of it the cert is check...
  6. dunks59

    VPN smartcard access

    Ok, and below is the configure. (kind of heavily modified but hopefully this helps.) " show run : Saved :dc=domain,dc=com ASA Version 8.0(4) ! hostname ra01 domain-name domain.com enable password xxxxx encrypted passwd xxxxx encrypted names ! interface Vlan1 nameif outside security-level 0...
  7. dunks59

    VPN smartcard access

    Looked at it a little more. This is the entire output of the debug ca when I try and get a client to connect. "CRYPTO_PKI: Ignoring self signed certificate received from peer CRYPTO_PKI: Attempting to find tunnel group for cert with serial number: 12139FF2000000000026, subject name...
  8. dunks59

    VPN smartcard access

    I'm setting up a remote access VPN with a Microsoft CA. I had the thing working but at the last point I changed out the trustpoint in order to get the CRLs working. While that all works fine now and the router checks if the cert is still valid I managed to break everything. After the cert is...
  9. dunks59

    Failover to 2ndary ISP

    Question on failover routing for a none BGP router. I have a Cisco 3800 which has 3 interfaces. s1/0 is a DS/3 interface. This is the primary upstream and downstream medium. This has a /30 ip address with the upstream provider, which I don't own. g0/1 connects to a secondary ISP. This is a...

Part and Inventory Search

Back
Top