Routes are all correct etc. and when running a packet tracer the networks are hitting the same routes/rules and hitting the VPN, but only 10.94.0.0/16 and 10.98.0.0/24 are passing traffic. The others are getting "Drop-reason: (acl-drop) Flow is denied by configured rule" but I have no idea why.
When checking the ASP table I can see the drops, but it's saying ACL drop and there is no difference between the 10.97.0.0/24 and 10.98.0.0/24 networks rule-wise:
259: 09:53:07.166327 10.97.0.10 > 10.94.0.4: icmp: echo request Drop-reason: (acl-drop) Flow is denied by configured rule
From the IPsec tunnel I can see the decaps constantly increasing, but the ASA is dropping this traffic for some reason.
I am remotely accessing the firewall and it's a production firewall, so there is a lot of stuff passing through and I would rather not turn on terminal logging.
I would have thought ASDM would show me the drops? But nothing is showing in there for the traffic.
I have captures set up for the traffic also, but nothing in them either, yet I am seeing the drops in the ASP table. If memory serves me correctly, if the ASP table shows the drops the traffic won't appear in the ASDM logs or captures, but I'm not 100% sure on that.
capture azure1 type raw-data interface REMOTE [Capturing - 0 bytes] match icmp host 10.98.0.20 host 10.95.0.5
capture azure2 type raw-data interface REMOTE [Capturing - 0 bytes] match icmp host 10.97.0.10 host 10.94.0.4
capture azure3 type raw-data interface REMOTE [Capturing - 0 bytes] match icmp host 10.97.0.10 host 10.95.0.5
My global policy is not inspecting ICMP traffic, so I'm not sure what is happening here.
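The check sequence below is an added example for the post above, not part of the original post or the poster's configuration. It captures only the packets the ASA discards with reason acl-drop (so the dropped flow is visible even when the interface captures stay at 0 bytes), traces the failing flow as decrypted traffic, and then shows the two places an ACL can be applied to tunnel traffic: the interface ACL, which only applies when `sysopt connection permit-vpn` is disabled, and a `vpn-filter` in the group-policy. Assumptions: REMOTE is the interface the tunnel terminates on, 203.0.113.10 is a placeholder for the peer address, and "drops" is a capture name chosen here.

```cisco
! Added diagnostic sequence for acl-drop on decrypted VPN traffic (not from the post).
! Assumptions: REMOTE terminates the tunnel, 203.0.113.10 is a placeholder peer,
! and "drops" is a capture name chosen for this example.

! 1. Confirm the acl-drop counter is the one climbing.
show asp drop frame acl-drop

! 2. Capture only frames discarded with reason acl-drop. This capture is not
!    tied to an interface, so it sees the dropped packet whether or not the
!    REMOTE interface captures match it.
capture drops type asp-drop acl-drop
show capture drops

! 3. Trace the failing flow as it enters the VPN interface and read the
!    phase that returns DROP and the rule it names.
packet-tracer input REMOTE icmp 10.97.0.10 8 0 10.94.0.4 detailed

! 4. Decide which ACL can touch tunnel traffic:
!    "sysopt connection permit-vpn" (default) bypasses the interface ACL;
!    "no sysopt connection permit-vpn" subjects decrypted traffic to the
!    ACL bound to REMOTE.
show running-config sysopt
show running-config access-group

! 5. A vpn-filter in the group-policy is the other ACL applied to the tunnel.
show running-config group-policy | include vpn-filter

! 6. Compare the working and failing subnets in the bound ACLs; hit counts
!    show which line is actually matching.
show access-list | include 10.98.0.0
show access-list | include 10.97.0.0

! 7. Confirm the failing subnet is in an encryption domain with decaps on
!    this peer, not just a neighbouring one.
show crypto ipsec sa peer 203.0.113.10

! Cleanup once the drop line is identified.
no capture drops
```

The asp-drop capture in step 2 is the decisive one: it records the packet together with the drop reason, so if it shows the 10.97.0.10 > 10.94.0.4 echo request while the `azure2` capture stays empty, the drop happens on a path the interface capture filter does not see, and steps 4 and 5 narrow it to the interface ACL or the vpn-filter.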
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. The diagram below shows the steps the firewall goes through when using 2FA authentication:
As you can see in Fig. 1...
Unable to get signature update from cisco.com
1. Make sure the router can get name resolution. Configure the router with a proper DNS name server.
ISR4451#utd threat-inspection signature update server cisco username xxxxx password yyyyy
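The sequence below is an added example, not from the page, that carries the two steps above through in one place: give the router a working resolver, prove resolution works, then run the update and read its status. Assumptions: 192.0.2.53 is a placeholder DNS server reachable from the router, and the xxxxx/yyyyy placeholders stand for the real cisco.com account credentials.

```cisco
! Added example (not from the page): DNS prerequisite for the UTD signature
! update, then the update and its status check.
! Assumptions: 192.0.2.53 is a placeholder resolver; xxxxx/yyyyy are the
! cisco.com credentials the page also leaves as placeholders.
configure terminal
 ! Lab routers often carry "no ip domain lookup"; the update needs lookups on.
 ip domain lookup
 ip name-server 192.0.2.53
end

! Verify resolution before retrying the update; a failed ping here means
! the update cannot reach the download host either.
ping cisco.com

! Retry the update and check the outcome.
utd threat-inspection signature update server cisco username xxxxx password yyyyy
show utd engine standard threat-inspection signature update status
```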