Cisco Support Community
New Member

Meaning print screen

Hi, 

May I know the meaning of the 3 print screens below...

1. Why is there no VLAN on the ASA firewall? How to create one via ASDM...

2. To enter Cisco AnyConnect...

3. To access ASDM...

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

1. The only ASA that you can create VLANs on is the 5505. It looks like your screen shot is from a 5520 or similar model. They do not support VLANs. You can create subinterfaces like you do on a router if you need to be the gateway for multiple subnets on one physical interface.

2. The AnyConnect error indicates you are using an untrusted (probably self-signed) certificate on your ASA. You may furthermore be using the device certificate and not a proper server certificate that you would generate for the specific purpose of the VPN.

3. The Java error when launching ASDM is normal with the latest Java update. You can accept the message and proceed. I expect that eventually Cisco will release an ASDM update that will eliminate the message.

6 REPLIES
New Member

Thanks sir,

1. Yes sir, Cisco 5515-X.

2. Is it safe to use an untrusted cert? Does the cert need to be bought?

3. OK, noted.

4. New question: How to do SSL VPN with internet connection (split tunnel)? My config is attached...

     What is the "standard ACL & extended ACL"? What is the meaning of "Add ACL and Add ACE"?

New Member

OK, just solved the internet issue...

2. Is it secure to use an untrusted cert? Does the cert need to be bought?

   Can you send the link to add an SSL cert?

New Member

Hi,

After connecting to AnyConnect, I can access internet links that I already used before that... but can't for new links...

Can ping 8.8.8.8, but can't google.com...

Hall of Fame Super Silver

Cisco recommends using a trusted certificate to ensure the ASA is the proper (trusted and verified) one for your users to use. Also, most IT organizations do not like to burden their users with the need to accept untrusted certificates. If you import the ASA persistent self-signed certificate into your local Trusted Root CA store on Windows, you will not receive the error.

Add ACL vs. Add ACE - ACL is an Access Control List. A given list can have one or many lines (entries); each line is referred to as an ACE or Access Control Entry.

When you split tunnel, you want to specify that you are tunneling from your remote client to your networks protected by the ASA - i.e. generally the internal corporate networks. Anything not matching the ACL will not be tunneled over the remote access VPN and thus just go out the local client's non-VPN path.
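
The split-tunnel description above, as an added ASA CLI example that is not part of the original thread. The ACL name, group-policy name and subnets are placeholders chosen for illustration; substitute the internal networks your ASA actually protects.

```cisco
! Added example, not from the thread. Names and subnets are placeholders.
!
! One ACL (SPLIT_TUNNEL_ACL) made of two ACEs. Each "permit" line is one ACE
! and names an internal network that should be reached through the VPN.
access-list SPLIT_TUNNEL_ACL standard permit 10.10.0.0 255.255.0.0
access-list SPLIT_TUNNEL_ACL standard permit 192.168.50.0 255.255.255.0
!
! Group policy applied to the remote-access (AnyConnect) users.
group-policy GP_ANYCONNECT internal
group-policy GP_ANYCONNECT attributes
 ! Tunnel only destinations that match the ACL. Without this line the
 ! policy is tunnelall and every packet from the client goes to the ASA.
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_TUNNEL_ACL
!
! Check what the ASA will push to clients:
! show running-config group-policy GP_ANYCONNECT
```

Keep the ACEs limited to the corporate networks: anything a client sends to a destination not listed here leaves by its local internet path and is not inspected by the ASA.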

New Member

Hi sir,

Why is my IPsec VPN not stable? I need to log out every day at ASDM, then the connection is OK...

How to check/troubleshoot? Thank you.

rgds,
