Brent,
I made the changes requested, a couple of quick questions:
1) on the asa, trying to change the crypto map outside_map 1 set pfs group1 command to group2 by using the no command and then reentering with group2 won't display the group any more, it just ends at pfs, how do I add that...
I've removed the fatpipe, before I did that I had nothing at all when I debugged the vpn connection, now that it's gone I'm getting the errors above.
as before, thanks in advance!
configs are as follows:
ASA
: Saved
:
ASA Version 8.2(1)
!
hostname ASA5510
names
dns-guard
!
interface...
Sorry, forgot to post this as well...
As the errors above are being displayed on the ASA the following are displayed on the PIX
crypto_isakmp_process_block:src:5.6.7.8, dest:1.2.3.4 spt:500 dpt:50
0
crypto_isakmp_init_phase1_fields: responder
OAK_MM exchange
oakley_process_mm:
OAK_MM_NO_STATE...
Brent - I appreciate the help on this, I'm not in my comfort zone here...
Ok, so I setup the VPN between the ASA 5510 and the PIX, now when I try to create interesting traffic from the ASA to the PIX by pinging an IP on the internal side of the pix from the ASA I get the following :
ASA# ping...
I think I have, I'm just having issues with the ASA behind the fatpipe (combines multiple T1s), it does nat for the public IP ranges to 192.168.0.x addresses, should I be able to allocate a public IP, nat it to the outside ASA interface IP (192.168.0.100) and still get the S2S VPN to work?
I wasn't aware there was such an animal, networking's not "normally" my thing.
Assuming it isn't free, I probably won't be allowed to buy it.
Any idea how to terminate the L2L on the ASA with the FatPipe in the way? I've assigned a public IP and I'm NATting that to the outside interface IP...
Hi, I am a Active Directory / eMail / server guy who's inherited a rather complex Cisco infrastructure to manage (other guy left, they won't replace him) and I have a question about site-to-site VPN.
We have 3 offices, the main office has a Cisco ASA 5510 running version 8 and two smaller...
There's also a linux boot floppy that you can use to boot the system, it has NTFS drivers and allows you to find the SAM database and you can then overwrite the administrator password.
As long as the system isn't a domain controller it should work fine.
google on samcrack, otherwise shoot me...
Hi, I am a Active Directory / eMail / server guy who's inherited a rather complex Cisco infrastructure to manage (other guy left, they won't replace him) and I have a question about site-to-site VPN.
We have 3 offices, the main office has a Cisco ASA 5510 running version 8 and two smaller...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.