<Help - Unable to builld a IP-SEC VPN on a Cisco ASA 5520>
Group, I am stuck like chuck. We are unable to activate a VPN in one of the virtual firewall context. Under the crypto commands, none of the IP-sec are available. Any help on this would be appreciated. Version we running is 8.0(4) Michael Ruiz mruiz@telwestservices.com <mailto::mruiz@telwestservices.com>
Call 1-800-553-2447, they should be able to help. On Wed, Oct 7, 2009 at 9:56 AM, Michael Ruiz <mruiz@telwestservices.com>wrote:
Group,
I am stuck like chuck. We are unable to activate a VPN in one of the virtual firewall context. Under the crypto commands, none of the IP-sec are available. Any help on this would be appreciated. Version we running is 8.0(4)
Michael Ruiz mruiz@telwestservices.com <mailto::mruiz@telwestservices.com>
Michael Ruiz wrote:
Group,
I am stuck like chuck. We are unable to activate a VPN in one of the virtual firewall context. Under the crypto commands, none of the IP-sec are available. Any help on this would be appreciated. Version we running is 8.0(4)
Isn't VPN only available in single-context mode?
I was in ASA class just last week and asked about this exact issue. I was told that at this time you cannot do the IPSec VPN in Multiple context mode (due to the ASA not being able to keep track of the SA). This is a software issue that Cisco is working on and has in test at this time. No timeframe for release though. -John -----Original Message----- From: Jason Bertoch [mailto:jason@i6ix.com] Sent: Wednesday, October 07, 2009 1:03 PM To: nanog@nanog.org Subject: Re: <Help - Unable to builld a IP-SEC VPN on a Cisco ASA 5520> Michael Ruiz wrote:
Group,
I am stuck like chuck. We are unable to activate a VPN in one of the virtual firewall context. Under the crypto commands, none of the IP-sec are available. Any help on this would be appreciated. Version we running is 8.0(4)
Isn't VPN only available in single-context mode?
yup you lose alot in mutli context mode such as vpn, and routing protocols. It basically just becomes a true stateful firewall. On Wed, Oct 7, 2009 at 1:26 PM, John Hodges <jhodges@simplexity.com> wrote:
I was in ASA class just last week and asked about this exact issue.
I was told that at this time you cannot do the IPSec VPN in Multiple context mode (due to the ASA not being able to keep track of the SA). This is a software issue that Cisco is working on and has in test at this time. No timeframe for release though.
-John
-----Original Message----- From: Jason Bertoch [mailto:jason@i6ix.com] Sent: Wednesday, October 07, 2009 1:03 PM To: nanog@nanog.org Subject: Re: <Help - Unable to builld a IP-SEC VPN on a Cisco ASA 5520>
Michael Ruiz wrote:
Group,
I am stuck like chuck. We are unable to activate a VPN in one of the virtual firewall context. Under the crypto commands, none of the IP-sec are available. Any help on this would be appreciated. Version we running is 8.0(4)
Isn't VPN only available in single-context mode?
Does Juniper firewall has same issue? Devang Patel On Oct 7, 2009, at 11:29 AM, Dane Newman <dane.newman@gmail.com> wrote:
yup you lose alot in mutli context mode such as vpn, and routing protocols. It basically just becomes a true stateful firewall.
On Wed, Oct 7, 2009 at 1:26 PM, John Hodges <jhodges@simplexity.com> wrote:
I was in ASA class just last week and asked about this exact issue.
I was told that at this time you cannot do the IPSec VPN in Multiple context mode (due to the ASA not being able to keep track of the SA). This is a software issue that Cisco is working on and has in test at this time. No timeframe for release though.
-John
-----Original Message----- From: Jason Bertoch [mailto:jason@i6ix.com] Sent: Wednesday, October 07, 2009 1:03 PM To: nanog@nanog.org Subject: Re: <Help - Unable to builld a IP-SEC VPN on a Cisco ASA 5520>
Michael Ruiz wrote:
Group,
I am stuck like chuck. We are unable to activate a VPN in one of the virtual firewall context. Under the crypto commands, none of the IP-sec are available. Any help on this would be appreciated. Version we running is 8.0(4)
Isn't VPN only available in single-context mode?
VPNs work only in single, routed mode. VPN functionality is unavailable in configurations that include either security contexts, also referred to as multi-mode firewall, or Active/Active stateful failover. The exception to this caveat is that you can configure and use one connection for administrative purposes to (not through) the security appliance in transparent mode. From http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/vpnsy... On Wed, Oct 7, 2009 at 11:56 AM, Michael Ruiz <mruiz@telwestservices.com> wrote:
Group,
I am stuck like chuck. We are unable to activate a VPN in one of the virtual firewall context. Under the crypto commands, none of the IP-sec are available. Any help on this would be appreciated. Version we running is 8.0(4)
Michael Ruiz mruiz@telwestservices.com <mailto::mruiz@telwestservices.com>
participants (8)
-
Dane Newman
-
Devangnp
-
Eugeniu Patrascu
-
Jason Bertoch
-
John Hodges
-
Michael Ruiz
-
Mike
-
Mike Lyon