IEOC - INE's Online Community

Welcome to INE's Online Community - IEOC - a place for CCIE and CCENT candidates to connect, share, and learn. Our Online Community features CCIE forums and discussions for all tracks including Routing & Switching, Voice, Security, Service Provider, Wireless,, and Storage. Through these online communities you can discuss your questions with thousands of your peers, hundreds of CCIE's and INE's own team of world renowned CCIE instructors and authors, Brian Dennis - Quintuple CCIE #2210, Brian McGahan – Triple CCIE #8593, Petr Lapukhov - Quad CCIE #16379, and Mark Snow - Dual CCIE #14073.
All Tags » VPN (RSS)

Browse Forum Posts by Tags

Showing related tags and posts for the CCIE Security Technical forum. See all tags in the site
  • applying NAT (port-map) on VPN clients

    Hi. I have ASA 9.x with 2 IKEv1 site-to-site VPNs to 2 branches. I have also a web server inside the main office that services the web requests sent to TCP 8080. clients which access this web server are inside the main office as well as the branches. the IP addresses of the branch clients has been assigned...
    Posted to CCIE Security Technical (Forum) by timaz on 11-15-2016
  • using PKI with GETVPN

    Hi; I was reading GETVPN design and implement guide on Cisco website while noticed the writer has written that if we want to use certificates instead of the isakmp policy which is the very initial part of the configuration, we should generate an RSA key, e.g. KEY-1, but we should generate another RSA...
    Posted to CCIE Security Technical (Forum) by timaz on 03-30-2016
  • site-to-site vpn between router and ASA

    Hi all; I have this topology: I need a full mesh ipsec site-to-site vpn between ASA1, ASA2 and router 3. also I want to configure R3 as certificate server and have ASAs to obtain certificates needed from that router. the IP addresses are written on each link (the last octet of addresses of the ASA devices...
    Posted to CCIE Security Technical (Forum) by timaz on 02-07-2016
  • GRE over IPSEC and SVTI

    Dears, I'm getting a little confused with SVTI and GRE over IPSEC with IPSEC Profiles. 1) Now a SVTI replaces the static crypto map configuration in IOS, and inside the SVTI you would set the tunnel mode to be IPsec ipv4, therefore this eliminates the need to put a static crypto map at the physical...
    Posted to CCIE Security Technical (Forum) by AJ23 on 03-08-2015
  • Site to Site | ASA | Interview Questions

    Hey Everyone, Recently I had a telephonic interview with a Company.. I was asked some questions and from them, I am discussing 2 Questions here for which I need to know the solutions.. Kindly Help.. Q1: There are 2 sites, one in London and other in Delhi.. Site to Site VPN has been configured on ASAs...
    Posted to CCIE Security Technical (Forum) by navneetnarang on 06-27-2014
  • Anyconnect with SCEP auto-enrollment

    Hi Guys, I have been trying to configure any connect dual authentication factor with SCEP auto-enrollment. I was successful in configuring everything, including the LDAP-Map group redirection with both group-policies using simultaneous login 0 and the mapped with 3 simultaneous logins. Everything happens...
    Posted to CCIE Security Technical (Forum) by auranprost on 04-26-2014
  • Re: Crypto Map Flowchart ? How does a router/ASA processes a Crypto Map ?

    Hi Cristian, Thanx a lot for your valuable feedback. May I take the liberty of extending this conversation a bit more because to be fairly honest I am a bit stuck at a point. " However because the RA entry has no match or set commands, it acts like a catch all, this is why basically both RA and...
    Posted to CCIE Security Technical (Forum) by navneetnarang on 02-25-2014
  • Crypto Map Flowchart ? How does a router/ASA processes a Crypto Map ?

    Hi, Can anybody please explain the process of processing a crypto map on an interface ? Crypto Map priortiy ? Flow of packet from Engine to interface and then processing of crypto map ? I am trying to do S2S between R1 & R2 and Remote access between a client (connected to ISP) and R1, and if the...
    Posted to CCIE Security Technical (Forum) by navneetnarang on 02-24-2014
  • Site 2 Site VPN

    I have a configuration question I need to put a new ASA 5505 at a client's new DR site. They allocated an external ip address. What my client requires is two vpn tunnels form this site to their larger offices How can this be achieved. Thkx
    Posted to CCIE Security Technical (Forum) by rade5 on 12-13-2013
  • Site-2-Site VPN can only ping one way

    Hello Everyone, I'm having a problem with site-to-site vpn using PIX & FORTINET 60B, If I ping from network behind PIX say "ping", it is SUCCESFUL but when I ping from network behind FORTINET it is "Request Timed Out". FORTINET VPN CONFIGS: config vpn ipsec phase1...
    Posted to CCIE Security Technical (Forum) by xisark1982 on 05-17-2013
Page 1 of 3 (24 items) 1 2 3 Next >
IEOC CCIE Forums Internetwork Expert CCIE Training
About IEOC | Terms of Use | RSS | Privacy Policy
© 2010 Internetwork Expert, Inc. All Rights Reserved