our software is: Cisco PIX Security Appliance Release Notes Version 8.0(4)
I got this for PIX:
"If a VPN tunnel is initiated using a physical interface, logical interfaces cannot participate in the VPN tunnel."
is that means that i need to disable VPN on phisical inteface, to allow it om a logical interfaces???
VPN client says:
Release 4.6 VPN Client error messages are different from those in the Release 4.0.x VPN Clients. With the 4.0.X version of the VPN Client, if there is a problem with the broadband provider, users get the following pop-up: "Secure VPN connection terminated locally by the client. Reason 412: The remote peer is no longer responding."
With the Release 4.6 VPN Client, there is no event message at all, the Client just states that it is not connected. If I enable connect history display, I get the following message: "Secure VPN connection terminated locally by the client. Reason 401: An unrecognized error occurred while establishing the VPN connection. Not connected."
1) Do you still have ip address configured on the physical interface? and where does your default gateway point to?
2) Are you replacing the outside interface with the new IP, or the new IP is just extension to the old outside interface ip?
3) You can't have 2 default gateways on 2 different interfaces on ASA anyway, so
-- if the new IP is the extension of the existing public ip, then you would need to route the new ip range to the current outside interface, and you can use those new IP range for NAT.
-- if the new IP is the extension of the existing public ip, and you will be routing the subnet towards the existing outside ip, you can't use the new IP to terminate the VPN. You can only terminate on the ip address assigned to the interface of the ASA.
-- if the new IP is the extension of the existing public ip, and you would like to use the new IP for VPN termination, then you would need to assign the new ip to the outside interface, and route the existing outside subnet to the newly create interface IP.
Hopefully I haven't confused you. Let us know if you have any further questions.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...