JonCommins

Member Since: Nov 13, 2010

User Badges:

English
JonCommins commented on Tunnel Up, But Cannot Ping in VPN 3 years ago

No, there are no routers behind the ASA.Yes, I am pinging from the ASA itself, in the fashion ...

JonCommins commented on Tunnel Up, But Cannot Ping in VPN 3 years ago

Hi William.Yes, the traffic to 10.45.0.0, from the 1921, should be going out the primary ISP...

JonCommins commented on Can connect via VPN Client, and can ping inside interface, but not other inside devices. in VPN 3 years ago

I added the ACL like you suggested, however the issue persisted. I ended up giving Cisco support a...

JonCommins commented on Phase 1 completed, but why not phase 2? Configs included. in VPN 3 years ago

I ran the following on VMON-ASA: no crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs...

JonCommins commented on Phase 1 completed, but why not phase 2? Configs included. in VPN 3 years ago

No, because "crypto map ___ 21" on the second ASA references that access-list. And crypto map 21 is...

JonCommins commented on Can connect via VPN Client, and can ping inside interface, but not other inside devices. in VPN 3 years ago

Hey Luis.I'm sorry, I changed the VPN Client pool to 10.99.99.1-50 because I've been told it's...

JonCommins commented on Trouble establishing dynamic tunnel from ASA 5505 to Cisco 1921 in VPN 3 years ago

There was a few things I forgot. Here's the fix, added to the Cisco 1921:! Key neededcrypto isakmp...

JonCommins commented on Trouble establishing dynamic tunnel from ASA 5505 to Cisco 1921 in VPN 3 years ago

Have checked the ACLs and they seem pretty straight forward. I see nothing wrong, do you?! ASA 5505...

JonCommins commented on Can connect via VPN Client, and can ping inside interface, but not other inside devices. in VPN 3 years ago

Hello Luis.I gained access to one of the hosts local to the router.The Windows firewall is disabled...

JonCommins commented on Phase 2 completes, but tunnel unusable and won't stay up. in VPN 3 years ago

Hey Rudy.Ran the following to ensure that the dynamic crypto map comes after all the static maps:...

JonCommins commented on Trouble completing phase 1 of site-to-site tunnel. in VPN 3 years ago

Thank you. I'm able to complete phase 1 now.

JonCommins commented on Trouble completing phase 1 of site-to-site tunnel. in VPN 3 years ago

Yes. Here's the configuration for the Cisco 1921:pastebin.com/raw.php?i=fkie4CVqAnd here's the...

JonCommins commented on Why can I SSH to ASA from inside network, but not from outside? in Security Management 3 years ago

I believe I've already enabled SSH access from the outside.Specifically, this line in the config: ...

JonCommins commented on Can connect via VPN Client, and can ping inside interface, but not other inside devices. in VPN 3 years ago

Update 1: DiagramUpdate 2:Is it a problem that I'm using "10.70....

JonCommins commented on Can connect via VPN Client, and can ping inside interface, but not other inside devices. in VPN 3 years ago

Hey Luis.I understand what you're saying about how a core router can impede "traffic trying to...

JonCommins commented on Can connect via VPN Client, and can ping inside interface, but not other inside devices. in VPN 3 years ago

Hey Luis.When VPN Clients connect, it appears that routes are automatically added, so what need is...

JonCommins commented on Can connect via VPN Client, and can ping inside interface, but not other inside devices. in VPN 3 years ago

I suspect we are not actually seeing the hitcounts on the ACL rule.Pings to 10.70.1.1 (the router...

JonCommins commented on Can connect via VPN Client, and can ping inside interface, but not other inside devices. in VPN 3 years ago

Hey Luis.            Tried your suggestion:PG-1921(config-ext-nacl)#do show access-list 130...

JonCommins commented on AnyConnect client can ping remote ASA inside IP, but not computers on same subnet. in VPN 3 years ago

This line fixed it, in the Kanai ASA config:access-list out-in extended permit ip 192.168....

JonCommins commented on AnyConnect client can ping remote ASA inside IP, but not computers on same subnet. in VPN 3 years ago

Update: Created diagram to better show what's happening.

JonCommins commented on ASDM webpage showing up, but not AnyConnect in VPN 3 years ago

Ended up getting help from Cisco support and this is resolved. Not sure if that was the only thing...

JonCommins commented on Cannot upload AnyConnect image to ASA via ASDM in VPN 3 years ago

Thanks, that worked OK.

JonCommins commented on Cannot upload AnyConnect image to ASA via ASDM in VPN 3 years ago

I get the same problem when trying to upload the 22MB ASDM 7.1.5.100 image. It get's to 90% then...

JonCommins commented on Cannot upload AnyConnect image to ASA via ASDM in VPN 3 years ago

Additionally, there appears to be plenty of space:

JonCommins commented on Cannot finish "phase 2" while establishing site-to-site VPN tunnel. in VPN 3 years ago

After adding this line, the tunnel came up, and has been reliably up ever since. Thank you!

JonCommins commented on Cannot finish "phase 2" while establishing site-to-site VPN tunnel. in VPN 3 years ago

ASA:           VMON-ASA# show crypto isakmp sa    Active SA: 4     Rekey SA: 0 (A...

JonCommins commented on Cannot finish "phase 2" while establishing site-to-site VPN tunnel. in VPN 3 years ago

Here's the debug cry isa 127 and debug cry ipsec results for the...

JonCommins commented on "AddRoute failed to add a route" error when connected via VPN Client in VPN 3 years ago

Fixed!! I had specified a certain ACL to be used:crypto isakmp client configuration group...

JonCommins commented on "AddRoute failed to add a route" error when connected via VPN Client in VPN 3 years ago

Update:I've also tried the this solution, with no success.

JonCommins commented on Software "VPN Client" tunnel to ASA established but cannot ping. in VPN 3 years ago

Nevermind. The pings were not going through because the firewall, of the Window XP machine I was...

JonCommins commented on Connected to ASA via software "VPN Client", but cannot ping devices. in VPN 3 years ago

Thanks, that resolved the failure message I was getting.

JonCommins commented on Error tunneling to ASA 5505 using "Software VPN Client" in VPN 3 years ago

Thank you, thank did it!

JonCommins commented on Site-to-site VPN between ASA 8.2's, cannot ping in VPN 3 years ago

That did it. Thanks!!

JonCommins commented on Using software to find least congested Wireless Channel, help in Getting Started with Wireless 6 years ago

I guess I should have mentioned, I am not using a cisco brand device currently. Have I misplaced my...

Bio

User Badges:

JonCommins's Stats

Points0
Discussion started 19
Answers marked as Correct 0
Endorsed 0
Content Rated 20