This is exception from my ASA config to show you 2 VPNs and difference between No-Nat access-list and actual VPN access-list. Tunnel-group linuxserverip ipsec-attributesĭoes anyone know where the problem is and how to fix it?Ĭan you show your NAT and related access-lists on your ASA?Īccess-list nat0 extended permit ip 192.168.105.0 255.255.255.0 192.168.1.0 255.255.255.0 Tunnel-group linuxserverip general-attributes Tunnel-group linuxserverip type ipsec-l2l The IPsec settings in the ASA sre as follows: crypto ipsec transform-set up-transform-set esp-3des esp-md5-hmacĬrypto ipsec transform-set up-transform-set2 esp-3des esp-sha-hmacĬrypto ipsec transform-set up-transform-set3 esp-aes esp-md5-hmacĬrypto ipsec transform-set up-transform-set4 esp-aes esp-sha-hmacĬrypto ipsec security-association lifetime seconds 28800Ĭrypto ipsec security-association lifetime kilobytes 4608000Ĭrypto map linuxserver 10 match address filtro-encrypt-linuxserverĬrypto map linuxserver 10 set peer linuxserverĬrypto map linuxserver 10 set transform-set up-transform-set2 up-transform-set3 up-transform-set4Ĭrypto map linuxserver 10 set security-association lifetime seconds 28800Ĭrypto map linuxserver 10 set security-association lifetime kilobytes 4608000
The tunnel comes up successfully, but for some reason that we can't figure out, the firewall is dropping packets from the VPN. Currently we're trying to set up an IPsec VPN between a Cisco ASA Version 8.0(4) and a CentOS Linux server.
0 kommentar(er)
