crypto isakmp policy 10 encr aes authentication pre-share group 2 crypto isakmp key ****** address 22.214.171.124 ! ! crypto ipsec transform-set AES128-SHA esp-aes esp-sha-hmac ! crypto map MAP1 10 ipsec-isakmp set peer 126.96.36.199 set transform-set AES128-SHA match address 100
interface GigabitEthernet0/1 ip address 188.8.131.52 255.255.255.252 ip access-group ACL-IN2 in ip nat outside ip virtual-reassembly in duplex full speed 100 media-type rj45 no cdp enable no mop enabled crypto map MAP1
ip access-list extended ACL-IN2 permit ip host 184.108.40.206 any
access-list 100 permit ip 192.168.250.0 0.0.0.255 192.168.7.0 0.0.0.255
On The ASA you need to configure NAT-exemption. You have a NAT statement that NATs all traffic from 192.168.7.0/24 to outside. With that you also NAT the traffic to the other side. In packet-tracer you should see that the source address get's NATted to the outside IP-address.
On the router you have "ip nat outside" on the Gig0/1 but you don't show the NAT rules. Make sure that IPSec-traffic is also not NATted.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...