Let's troubleshoot... We also do trainings .. Checkout our training page https://asame2.blogspot.com/p/we-also-deliver-trainings.html

Featured Post

How to generate a CSR on Cisco ASA using CLI? CSR- (Certificate signing request)

First thing we need is an RSA key pair:   crypto key generate rsa label SSL-Key modulus 1024 noconfirm Create a trust-point crypto ca...

Recent Comments

Recent Post

Let's troubleshoot... We also do trainings .. Checkout our training page https://asame2.blogspot.com/p/we-also-deliver-trainings.html

Friday, 20 November 2015

Any-Connect not connecting with some of the tunnel groups, while working fine with others


I ran into an issue with my Any-Connect I had some couple of tunnel groups and I upgraded my ASA from 8.6 to 9.2 , after upgrade Any-Connect stopped connecting with few of the tunnel groups. Debugs were saying : Not calling vpn_remove_uauth: not IPv4!webvpn_svc_np_tear_down: no IPv6 ACL Any-Connect was giving this error: Failed to get configuration from secure gateway. Contact your system administrator. Here...

Ipsec over GRE : Tunnel protocol is down : Tunnel with Vlan interface


I have an IPSec over GRE tunnel between two routers (ofcourse :) ) I had some physical interface limitation so I could not assign an IP address to it. It is a L2 interface. So I have created a vlan and assigned an Ip address to vlan and then called the vlan under interface. Here is my configuration : After I have configured this I see tunnel protocol status is DOWN crypto map mymap local-address...

Thursday, 19 November 2015

Packet capture on router


1.Define a 'capture buffer' with the specified name monitor capture buffer mycap size 2048 max-size 4000 circular 2. Specify access-list ip access-list ex mycap permit ip host permit ip host monitor capture buffer mycap filter access-list mycap 3. Defines a capture point monitor capture point ip cef cap fastEthernet 1/0 both 4. Attach capture point with the capture buffer specified. monitor...

Tuesday, 17 November 2015

How to disable sysloggging on ASA?


I have an ASA and all the debugs are going to syslog. I need to quickly run debug icmp trace and check the results. How can I disable syslog temporarly? no logging debug-trace How to enable it back? logging debug-trace...

Saturday, 7 November 2015

Anyconnect 4.0 License Scheme


Failover: If you are using failover firewalls you can (but don't have to) use a shared license' model, this lets you purchase a bundle of Premium licenses. and share them across multiple pieces of hardware, This requires an ASA to be setup as the license' server'....

How to assign IP address on ASA 5505 - and how to create local pool for Inside on ASA 5505


Create VLAN Interface : interface vlan 1 ip address 192.168.1.1 255.255.255.0 no shut exit Go to physical interface and call the vlan using switchport access command Interface eth0/0 switchport access vlan 1 no shut For the ASA 5505, the maximum number of DHCP client addresses varies depending on the license: • If the limit is 10 hosts, the maximum available DHCP pool is 32 addresses. • If the...

Thursday, 5 November 2015

Anyconnect gives error : Not calling vpn_remove_uauth: not IPv4! webvpn_svc_np_tear_down: no ACL


Error message when connecting to Anyconnect:============================================== Not calling vpn_remove_uauth: not IPv4!webvpn_svc_np_tear_down: no ACL webvpn_svc_np_tear_down: no IPv6 ACL So for me the issue was : Anyconnect was trying to establish connection with Default RA group tunnel-group.There was no IP pool called under it. I then enabled tunnel-group-list enable under Webvpnand...