crypto dynamic-map DYN-MAP 5 set transform-set AES
crypto dynamic-map DYN-MAP 5 set security-association lifetime seconds 86400
crypto map VPN 1 match address Outside1_cryptomap
crypto map VPN 1 set peer X.X.X.X
crypto map VPN 1 set transform-set Shopper_Trans_Set
crypto map VPN 60 ipsec-isakmp dynamic DYN-MAP
crypto map VPN interface Outside2
crypto map VPN interface Outside1
crypto isakmp identity address
crypto isakmp policy 10
crypto isakmp policy 65535
The sequence numbers seem to follow the rules, so I am confused as to what is wrong.
However I am cocerned that the ASA I am using has two "OUTSIDE" interfaces and am worried the ASA is trying establish through the wrong interface, however my research suggests I would see a message such as:
%ASA-3-713042: IKE Initiator unable to find policy:
Show Name: Thoughts on Security at Cisco Live US 2018 in Orlando
Contributors: Kevin Klous, David White Jr., Aaron Woland, Jeff Fanelli
Posting Date: June 2018
Description: The team goes on-site in the Cisco Live Speaker room in...
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. the diagram below show a diagram of the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1&nbs...