Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

sysopt

I dont think my sysopt connection permit-ipsec is working, as even if I add that line I am not able to communicate over RA-VPN (though its getting establishing) unless I explicitly allow that traffic using ACL. Any other way to check if its working, or you think other way. If its not working how to make it work??

2 REPLIES
Community Member

Re: sysopt

Hi Gaurang

Are you able to say which version of software you are using??? as the sysopt commands do work unless you are hitting a bug... could you have a look at the following,

sysopt connection permit-ipsec on PIX version 6.3

and sysopt connection permit-VPN on PIX/ASA version 7.x.

Regards MJ

Cisco Employee

Re: sysopt

Where is the Crypto map and ACL applied. Is the ACL Outside to Inside or Inside to Outside.

Sysopt Connection permit IPSEC or VPN is only applicable on the interface where the VPN traffic is getting decrypted. So, if you have sysopt connection permit ipsec on the outside interface and ACL on the inside interface or DMZ , you need to permit return traffic on the ACL applied on the inside or DMZ.

I hope it helps.

Regards,

Arul

136
Views
0
Helpful
2
Replies
CreatePlease to create content