busterswt

Member Since: Jul 17, 2008

User Badges:
  • Bronze, 100 points or more

English
busterswt commented on Remote VPN and hairpinning in VPN 4 years ago

Do you mind posting the relevant configuration (routes, interfaces, split tunnel ACL and source/...

busterswt commented on Site-to-site VPN - Duplicate subnet? in VPN 4 years ago

Oh good! Glad to see it worked for you If you have any other questions feel free to ask. I don't...

busterswt commented on Site-to-site VPN - Duplicate subnet? in VPN 4 years ago

How are you attempting to bring the tunnels up? By pinging something in the 192.168.102.0 or 192....

busterswt commented on Site-to-site VPN - Duplicate subnet? in VPN 4 years ago

BTW - Your attachments *did* show up, but against an earlier post, so I didn't see them! Thanks for...

busterswt commented on Site-to-site VPN - Duplicate subnet? in VPN 4 years ago

Hi Ashley -Your nat config looks OK at a quick glance. I incorrectly used the 'static' keyword in...

busterswt commented on Site-to-site VPN - Duplicate subnet? in VPN 4 years ago

Hi Ashley - I'm unable to see the attached configs. You're welcome to copy/paste as well.James

busterswt commented on Site-to-site VPN - Duplicate subnet? in VPN 4 years ago

Hi Ashley,In the example I posted, your encryption domain would need to look like this on the local...

busterswt commented on Site-to-site VPN - Duplicate subnet? in VPN 4 years ago

Hi Ashley,Using the networks from the previous example, this 8.3+ configuration should work for you...

busterswt commented on NAT exemption (NAT 0) vs Identity NAT in Firewalling 5 years ago

Just a thought, but I imagine the connection is bidirectional once you initiate from inside ->...

busterswt commented on CSS11501S-C-K9 in Other Data Center Subjects 6 years ago

Hello,The following commands are very helpful on the CSS:show system-resourcesshow versionshow...

busterswt commented on CSS Global keepalive ALIVE when it should be DOWN in Application Networking 6 years ago

Haven't tested it yet, but I think the absence of 'type http' is causing my problem, as it's...

busterswt commented on Monitoring Service CSS 11500 in Application Networking 7 years ago

Hi Alexis,A few questions:1. Are you sure that the remaining services are alive when you notice one...

busterswt commented on New VPN has the same IP subnet range as another, NAT? in VPN 7 years ago

Hi Andy,In the above example, and likely your situation, it becomes a 1-to-1 translation:Private...

busterswt commented on Anyconnect and Traditional VPN Client in VPN 7 years ago

More than glad to do it when I can!Good luck!

busterswt commented on Issues routing internal RA VPN network on ASA5505 across IPSec Tunnels in VPN 7 years ago

Well, despite the hack job that the ASDM does to a VPN config, the hairpinning looks to be correct...

busterswt commented on ASA 5510 with VPN but no internet... in VPN 7 years ago

Hello,It sounds like you are tunnelling all traffic through the VPN when connected. You may need to...

busterswt commented on Anyconnect and Traditional VPN Client in VPN 7 years ago

Hello,>> 1. I want to know if we will still be able to use the existing VPN client (v4) to...

busterswt commented on Pix 501 and using PHP includes with domain name in Firewalling 7 years ago

You may need to enable DNS doctoring to get this working properly. If you're using static NAT...

busterswt commented on URGENT: Unable to ping vpn client ip from router in VPN 7 years ago

Hello,I recommend using an RFC1918 network for your IP pool instead of a publically routable...

busterswt commented on when i use my PC connect to ASA VPN server,why i can't get line?go internet in VPN 7 years ago

Because you've implemented split tunnelling, normal internet traffic will continue to work as...

busterswt commented on VPN Clients connecting to a Spoke Network being blocked. in Remote Access 7 years ago

You ought to be able to enable logging to catch which ACL is denying that traffic. Try the...

busterswt commented on unable to login after password change ASA 5500 in VPN 7 years ago

That's correct. Since you've disabled password recovery, when you enter rommon you will be prompted...

busterswt commented on ASA to ASA VPN in VPN 7 years ago

Hello,The crypto ACL on site1 appears to be setup incorrectly. Site1 is defined at 192.168.2.0/24,...

busterswt commented on Site to Site VPN troubleshooting and debugging help in VPN 7 years ago

Hi Mario,Check to make sure that the remote branches contain the DMZ network in *their* crypto ACLs...

busterswt commented on unable to login after password change ASA 5500 in VPN 7 years ago

By adding the word 'encrypted', you told the ASA that the password you entered was the encrypted...

busterswt commented on ASA 5510 L2L with NAT in VPN 7 years ago

From what I'm seeing, that doesn't appear to be your entire config there. From what I see though,...

busterswt commented on VPN : Reason 442 - on Virtual Machine in VPN 7 years ago

Cisco has released a 64-bit IPSec VPN client that is currently in 'beta' status. I believe this...

busterswt commented on Site to Site VPN troubleshooting and debugging help in VPN 7 years ago

If you do a 'show ipsec sa detail' on the ASA or PIX do you see an SA created for both networks (...

busterswt commented on CSS - Backend server with Multiple interfaces in Application Networking 7 years ago

If I'm understanding your configuration correctly, traffic destined to a VIP on the CSS that...

busterswt commented on Unable to acceed to my webserver by inside interface in Firewalling 7 years ago

Hi Herbert,I'm sorry, you are correct about 'same-security-traffic permit intra-interface' on 7...

busterswt commented on Unable to acceed to my webserver by inside interface in Firewalling 7 years ago

You are on a PIX, so the following command is not supported: same-security-traffic permit intra-...

busterswt commented on Unable to acceed to my webserver by inside interface in Firewalling 7 years ago

You will never be able to hit the outside IP from an inside machine. What DNS doctoring is doing is...

busterswt commented on Dead Peer Detection and email? in VPN 7 years ago

Hi Stan,Check out this document, specifically 'Sending System Log Messages to an E-Mail Address':...

busterswt commented on Anyconnect Profile configuration in VPN 7 years ago

Hi Jeff,Since you're using RADIUS to authenticate perhaps this will help:http://www.cisco.com/en/US...

busterswt commented on ASA 5510 7.0 Need to tunnel to two different sites with same LAN subnet in VPN 7 years ago

Hi Pam,I don't know of any way to NAT the traffic as it enters the 5510, but if the remote branches...

busterswt commented on SSL VPN and Hairpining in VPN 7 years ago

Hi Shaun,Sorry for the confusion. I mentioned the crypto ACL since I am used to configuring split-...

busterswt commented on SSL VPN and Hairpining in VPN 7 years ago

Where is the ACL used for the encryption domain? This is the ACL used by the client VPN software to...

busterswt commented on SSL VPN login page does not display in VPN 7 years ago

Would you mind posting your config, free of passwords and any other sensitive data?

busterswt commented on CSS load balancing in both directions. in Application Networking 7 years ago

It sounds like you need to implement a group rule using 'add service service_name'.ie. service...

busterswt commented on ASA SSL VPN in Firewalling 7 years ago

My experience is that you can have many connections from the same source IP without the ASA...

busterswt commented on AnyConnect login page - default group display in VPN 7 years ago

I don't know if you can set the order persay, but you can assign an alias name to a group and maybe...

busterswt commented on SSL VPN login page does not display in VPN 7 years ago

What OS and browser have you tested this on? What version code and what version of AnyConnect are...

busterswt commented on ISAKMP policy number order? in VPN 7 years ago

Just to add to this... the number *does* matter if you'd like to prefer one policy over another....

busterswt commented on How do i start VPN l2l initialization? in VPN 7 years ago

You need to initiate traffic from one end to the other in order for the tunnel to build. The...

busterswt commented on AnyConnect 2.3.254 in Remote Access 7 years ago

Hi Harald,The 'AnyConnectProfile.tmpl' file can be found on a client workstation that has the...

busterswt commented on problem with some inside hosts not able to reach the outside interface (asa 5505) in Firewalling 7 years ago

- How many IPs do you have in these ranges?global (outside) 1 216.x.x.x-216.x.x.xglobal (outside) 1...

busterswt commented on L2L VPN failed inside on ASA 5520 (8.02) in VPN 7 years ago

Hi Michael,After looking at your packet-tracer syntax, I think you have the source and dest IP...

busterswt commented on L2L VPN failed inside on ASA 5520 (8.02) in VPN 7 years ago

Hi Michael,- Is the peer IP really part of the network that makes up the encryption domain?- Is the...

busterswt commented on css balance on remote lan in Application Networking 7 years ago

Yes, it can. Treat the remote server like you would any other server sitting behind the CSS when...

busterswt commented on VPN establishment capability from a remote desktop is disabled in VPN 7 years ago

I'm not sure where the file is stored, but you can just search for it on your machine and it should...

Bio

User Badges:
  • Badge.
    Bronze
    100 points or more

busterswt's Stats

Discussion started
Answers marked as Correct
Endorsed
Content Rated