Expand the production VLAN behind ASA5510 to the remote site and 2821

I have a 5510 ASA and here to contact one of the subnets behind this ASA out to my house which has a modem cable, a switch/router wireless and then behind that I have a router 2821.  I have read and it seems that L2TP can be the way to go, but can not find config examples.  Yet once again, I'd extend an and nail a permanent connection of one of VLAN in the production network to the bottom of my house using my cable modem and the 2821.  Examples of configuration would be very appreciated!  In addition, any recommendations for the IOS 2821 would be very appreciated.  Finally, the L2TP looks like how I need to go?  I enclose a very basic Visio diagram of what I'm trying to do.  Thank you, john

You must L2TPv3.

ASA does not support but will pass L2TPv3 borrowing.

At work, you will need to add another router. L3 switches does not support it.

The configuration of a router would be:

Pseudowire-class test

L2TPv3 encapsulation

IP local interface loopback0 (this will be the source of the tunnel, can use any interface with the IP address access remote xconnect)

!

int fas0/0.30

(do not put an ip address here)

encapsulation dot1q 30

pw-class xconnect X.X.X.X 1000 test

X.X.X.X is the IP the remote router interface, it serves to "interface local ip" in the remote configuration

Make sure that corresponds to 1000 (VC ID) on both sides

Tags: Cisco Security

Similar Questions

  • I've updated my explore since the MSN site and then restarted it said I was running a version of Windows.

    I've updated my explore since the MSN site and then restarted it said I was running a version of Windows. I then re installed Vista with my drive of origin as suggested and created that created an old file from windows to save older files and now it will not recognize the key of the product code.

    original title: reinstalling vista

    From you description of the problem you encounter, the scenario where this can happen.

    Windows vista was preinstalled by an OEM or by using a Volume license installation. The problem does not occur on retail versions of Windows Vista. For example, the problem will not occur if you bought Windows Vista and installed the operating system on a computer yourself. If this is the case with your system

    Solve this problem by referring to the article below.

    http://support.Microsoft.com/kb/935791

    To activate windows vista manually, you can follow the steps described in the links below.

    http://support.Microsoft.com/kb/940315

    I hope this helps.

  • Traffic redirect Internet from the remote site on the main site using the tunel of vpn ipsec

    Hi all

    I have a problem to redirect internet traffic from my remote to the main site by the IPSEC VPN tunnel. The remote site is a Cisco 2801 router with ios (c2800nm-advipservicesk9 - mz.124 - 22.T) and the remote site has ios (C870-ADVSECURITYK9-M, Version 12.4 (15) T12, fc3 SOFTWARE VERSION). This redirect does not work and the last jump with extended traceroute form the remote site is the ip wan of the main site.

    Is there someone who can help me with the right settings this redirection via VPN?

    the remote site config file:

    / * Style definitions * / table. MsoNormalTable {mso-style-name : « Tableau Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 cm 5.4pt cm 0 5.4pt ; mso-para-marge-haut : 0 cm ; mso-para-marge-droit : 0 cm ; mso-para-marge-bas : 10.0pt ; mso-para-marge-gauche : 0 cm ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ;}

    crypto ISAKMP policy 8

    BA 3des

    md5 hash

    preshared authentication

    ISAKMP crypto key dgsn2010 address 41.223.X.X

    !

    !

    Crypto ipsec transform-set esp-3des vpn

    !

    vpndgsn 10 ipsec-isakmp crypto map

    Description at HQ

    set of peer 41.223.X.X

    Set transform-set vpn

    match address VPNHQ

    !

    interface FastEthernet0

    IP 41.223.X.X 255.255.255.0

    NAT outside IP

    IP virtual-reassembly

    IP tcp adjust-mss 1300

    automatic duplex

    automatic speed

    vpndgsn card crypto

    !

    interface FastEthernet 4

    192.168.11.1 IP address 255.255.255.0

    IP nat inside

    no ip virtual-reassembly

    !

    IP route 0.0.0.0 0.0.0.0 41.223.X.X

    VPNHQ extended IP access list

    ip licensing 192.168.11.0 0.0.0.255 any

    !

    the main site config file:

    / * Style definitions * / table. MsoNormalTable {mso-style-name : « Tableau Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 cm 5.4pt cm 0 5.4pt ; mso-para-marge-haut : 0 cm ; mso-para-marge-droit : 0 cm ; mso-para-marge-bas : 10.0pt ; mso-para-marge-gauche : 0 cm ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ;}

    crypto ISAKMP policy 10

    BA 3des

    md5 hash

    preshared authentication

    ISAKMP crypto key dgsn2010 address 41.223.X.X

    !

    !

    Crypto ipsec transform-set esp-3des vpn

    !

    vpncreo 10 ipsec-isakmp crypto map

    Description FOR bastos

    set of peer 41.205.X.X

    Set transform-set vpn

    match address 110

    !

    interface FastEthernet0/0

    Description OF WAN

    IP 41.223.X.X 255.255.255.240

    NAT outside IP

    IP tcp adjust-mss 1492

    vpncreo card crypto

    !

    interface FastEthernet0/1

    Description OF LAN

    IP 192.168.10.1 255.255.255.0

    IP nat inside

    automatic duplex

    automatic speed

    !

    overload of IP nat inside source list NAT interface FastEthernet0/0

    IP route 0.0.0.0 0.0.0.0 41.223.31.241

    access-list 110 permit ip any 192.168.11.0 0.0.0.255

    NAT extended IP access list

    deny ip 192.168.10.0 0.0.0.255 192.168.11.0 0.0.0.255 any

    permit ip 192.168.10.0 0.0.0.255 any

    ip licensing 192.168.11.0 0.0.0.255 any

    !

    You must configure the routing policy based closure for NAT can be invoked on the main site.

    Here is an example configuration for your reference:

    http://www.Cisco.com/en/us/products/sw/secursw/ps2308/products_configuration_example09186a008073b06b.shtml

    Additionally, make sure that you don't do any NATing at your remote end, IE: you must configure the NAT exemption for all traffic from 192.168.11.0/24 to any (Internet).

    Hope that helps.

  • difference between the disaster site and recovery recovery management

    Hello guys,.

    can you please let me know if the disaster site and recovery recovery management are one and the same or are they different features of VI suite. do we buy these tools of recovery after disaster from a third party

    name of the vendor? If Yes, what are the best providers out there on the market

    recovery after disaster and SRM? In the meantime thanks for all who responded to this question.

    see you soon

    SRM is a tool to manage a recovery after disaster. There is not such a product called DR, but you can develop a strategy of DR to have your work with or without SRM environment.

    Dr., you need SAN based replication (or tool making it). SAN vendors have solutions that can be integrated with SRM or simply be part pof your particular strategy of DR.

    Marcelo Soares

    VMWare Certified Professional 310/410

    Master virtualization technology

    Globant Argentina

    Review the allocation of points for "useful" or "right" answers.

  • I had problems with access to most of the Web sites and I noticed that HTTPS is no longer, how do I make permanent HTTPS so I can access any Web site?

    I had problems with access to most of the Web sites and noticed that HTTPS no longer appears whenever I try to access a Web site. I can easily connect to my gmail and facebook account, but the problem is that when I click on a link on FB and gmail, I get the annoying message "refused to connect.

    How to address this issue, rather how to make HTTPS permanent so I can easily access any Web site. The date and time on my laptop are both correct. I am currently using OS x 10.9.5.Please!

    How to address this issue, rather how to make HTTPS permanent so I can easily access any Web site.

    My guess is that you have a damaged or invalid certificate entry OS X KeyChain, but to directly answer this question, I would say that consider you something like HTTPS Everywhere. Note, it is not available for Safari. It is available directly through the Google Chrome browser extensions.

  • Sometimes a web page is displayed with only text and no picures. It is not always the same site and is not always the case. If I'm going to explore for the same website that always works

    Sometimes a web page is displayed with only text and no picures. It is not always the same site and is not always the case. If I'm going to explore for the same website that always works

    Hello

    Also try a Ctrl + F5 refresh. This allows to bring the content of the page again.

  • I recently bought a Macbook Pro model of basic (January 2016) from the Apple site and found once it arrived it was a 2012 model. Should I have a leg flying to complain?

    I recently bought a base model Macbook Pro 13 "(29 janvier 2016) of the Apple site and found once it arrived it was a model 2012." Should I have a leg flying to complain? I expected to have been a model of 2015 at least. There is no indication on the site it is a 2012 model that I see.

    Because the MacBook Pro with the DVD has not been updated since 2012, there is no 2015 version of this model. I think Apple has this MBP autour, for those who really need an optical drive on the road. Otherwise the MacBook Air or rMBP is a better computer (and the 2015 MacBook Air is faster than the MBP of base)

  • Where can I view the tutorials mentioned in Iphoto and IDVD help. Need me Internet on the Apple site and they aren't there.

    Whenever I'm using IPhoto or IDVD he mentions tutorials to watch. When I click on it need me on the Apple site and there is no mention of them on the site. How to see the tutorials?

    Unfortunately, Apple stopped manufacturing and shipping iDVD 5 years ago and even with iPhoto, last year, it seems that these videos are deleted.

    There are a load of stuff on the site like YouTube and Vimeo, so I would start there.

  • Can I use a copy of Vista Business downloaded from the MSDN site and enable it with the KEY on the PC?

    I have a DELL and you want to reformat the PC of a friend.  It has a valid license for VISTA Business.  They have lost the CD.  Can I use a version downloaded from the MSDN site and enable it with the KEY on the PC, which is legal, it is going to work?

    Original title: reformat Dell

    Contact MSDN: 800-759-5474

    They should be able to answer your legal question and the key will work.

    J W Stuart: http://www.pagestart.com

  • Error: This page cannot be displayed - the remote device and does not accept the connection. (! found)

    * Original title: this page cannot be display the remote or unit does not accept the connection. (! found)

    My internet connection works very well, I'm trying to access a page of my gate of the school we use to complete missions. I can access my web page of schools, I can access my e-mail from the school, but I can't get the e-portfolio page. It says cannot display this page - the remote device and does not accept the connection - (! found). He said to ensure that the TSL and SSL in the advanced internet options security part turned on who they are, my better protected as well the mode. I've never had a problem accessing this page before. It is only this page! Help!

    Hello Teresa,.

    The probable cause of this problem could be due to wrong settings for internet explore.

    Please see the link below, Windows 8, follow the steps to check the Proxy and DNS settings
    http://support.Microsoft.com/kb/956196/en-us

    Warning: Reset the Internet Explorer settings can reset security settings or privacy settings that you have added to the list of Trusted Sites. Reset the Internet Explorer settings can also reset parental control settings. We recommend that you note these sites before you use the reset Internet Explorer settings.

    Hope this helps, please answer with the results for assistance.

  • ORA-19846: cannot read the header of the data file of the remote site 21

    Hello

    I have a situation or I can say a scenario. It is purely for testing base. Database is on 12.1.0.1 on a Linux box using ASM (OMF).

    Standby is created on another machine with the same platform and who also uses ASM (OMF) and is in phase with the primary. Now, suppose I have create a PDB file on the primary of the SEED and it is created successfully.

    After that is a couple of log, do it again passes to the waiting, but MRP fails because of naming conventions. Agree with that! Now, on the primary, I remove the newly created PDB (coward the PDB newly created). Once again a couple of switches of newspapers which is passed on to the wait. Of course, the wait is always out of sync.

    Now, how to get back my watch in sync with the primary? I can't roll method until the required data (new PDB) file does not exist on the main site as well. I get the following error:

    RMAN > recover database service prim noredo using backupset compressed;

    To go back to November 8, 15

    using the control file of the target instead of recovery catalog database

    allocated channel: ORA_DISK_1

    channel ORA_DISK_1: SID = 70 = device = DISK stby type instance

    RMAN-00571: ===========================================================

    RMAN-00569: = ERROR MESSAGE STACK FOLLOWS =.

    RMAN-00571: ===========================================================

    RMAN-03002: failure of the command recover at the 18:55:32 08/11/2015

    ORA-19846: cannot read the header of the data file of the remote site 21

    The clues on how to I go ahead? Of course, recreating the eve is an option as its only based on test, but I don't want recreation.

    Thank you.

    I tried like below:

    1 a incremental backup of the primary of the CNS where off the eve also taken primary backup controlfile as Eve format.

    2 copy the backup of the watch parts, catalogged them on the day before.

    3 recovered Eve with noredo option - it fails here with the same error pointing to the 21 data file.

    OK, understood. Try not to get back the day before first, rather than restore the controlfile and then perform the restoration.

    Make it like:

    1. take incremental backup of primary SNA, also ensures the backup controlfile format.

    2. copy pending, get the location of the data file (names) by querying v$ datafile on the eve. Restore the controlfile ensures from the backup controlfile you took on primary and mount.

    3. Since you are using OMF, the path of primary and standby data file will be different. (/). If you require catalog data from the database files pending.

    (Reason: you restore controlfile from elementary to step 2, which takes place from the main access road). Use the details that you obtained in step 2 and catalog them.

    4. turn the database copy by RMAN. (RMAN > switch database to copy ;))

    5 Catalog backup items that you copied in step 2.

    6. recover the standby database using 'noredo' option.

    7. finally start the MRP. This should solve your problem.

    The reason I say this works is because here, you restore the controlfile to primary first, which will not have details 21, datafile, and then you are recovering. So it must succeed.

    In the previous method, you tried to first collect all the day before, and then restore the controlfile. While remedial classes, always watch seeks datafile 21 as he controlfile is not yet updated.

    HTH

    -Jonathan Rolland

  • Why can't I preview the changes before putting them live on the remote site in a browser?

    Help, please! I have inherited a website for editing and can't seem to get a preview of my changes without them going to live first. When I click on 'Live', the program hangs and I have to reopen. When I click on 'Preview in browser' he asks me to save the file or not and puts them on the remote site as well. I'm not particularly web savvy and learn on the way. I use CS6 on a Macbook OS X Yosemite.

    Your test server (Mamp) works?  If this isn't the case, you must start it.

    Nancy O.

  • I had to replace my hard drive and can not get my Photoshop CS2 9.0.2 to activate.  I tried the phone and the Web site and have both the serial number

    I had to replace my hard drive and can not get my Photoshop CS2 9.0.2 to activate.  I tried the phone and the Web site and have two serial numbers.  I can't find a number that strives to speak to a live person at Adobe.  I need to reduce the size of the pixel today on some photos and need the program.  Is there another way to reduce pixel if I can't get my Photoshop runs today?

    See the page linked below.  Your installation/serail number will not work.  You need to acquire a download for it with a specially assigned serial number...

    CS2: Error: unavailable activation server | CS2, Acrobat 7, hearing 3 -.

    l http://helpx.adobe.com/x-productkb/Policy-Pricing/Creative-Suite-2-activation-end-Life.htm

  • DW create the subdirectory on the remote site.

    I used Dreamweaver 2004 years for my site to work without problem. Recently, my remote hosting company moved to a secure server (and vice versa, due to problems). Since then, I can't download pages and then see the updates online.

    The connection tests very well and successfully download files, but they are not the files posted online.

    What happens is that DW is the creation of a subdirectory in the root directory of the /public_html/ on the remote server and pages updated in there. Of course, this means that my updates do not appear online because the link is wrong (my links don't have the subdirectory in them, because there is no such thing as the subdirectory on my local server).

    Why is this happening? It seems that the subdirectory, it creates and puts the files in has the same name as what I called my site locally, but that shouldn't matter, does it? It's just a name.

    My company remote host said it's something on my side (Dreamweaver), but I'm confused because the only thing I changed when they moved the site to a different server and back is once again the IP address.

    Any help you might have would be great. Thank you!!

    Looks like your site definition is somewhat made a blunder.

    Two places to search for an accidental redundant directory are in the window of your local site files. Your index.html page "should" be within the root of your local (all that you named your site). If it is in any other folder, except the local root, this file will be loaded on the server as a redundant directory level.

    It could also be wrong in your FTP settings. If you have something other than public_html in the root of the server (root), it won't go to the right place.

    Post a screenshot of your files window here extended (hit the development of far right button in the toolbar of the window files) while that connected to the server (to scroll both sides at the Summit if file lists are long) and a snapshot of your FTP info (make sure that the password is empty or displayed as dots) will determine what made a blunder.

  • Site Web is updated online, but seem to update the remote site pane?

    I use Dreamweaver 8.

    I am updating a website I have created initially.  I did this summer with success, until I did a major synchronization in order to cleanse the body of some really old files and make the site easier to manage for everyone.  Sync seems fine, but got it wrong in the end and ended up with the 'old' mainwebsite file and a mainwebsite file 'new '.  I then synced and it deleted the 'old' main site file (which is what I wanted to do).

    Now, when I do updates and put them on the remote site... they do not appear online.  Update the side "remote" site of the box of files.

    I tried to remove the site and then re - get the whole thing as if I've ever been in, but it is not yet published on the web.

    When I "re-" the site, he came with the old main site file, so I'm not sure what the field is SEO.  The old site file could be hiding somewhere on the FTP?

    Any ideas I could try?

    Sorry if I don't am not worded this correctly, I am new to Dreamweaver and use this site to learn the basics.  Thanks in advance!

    You need to be sure the site definitions are contained properly, if we're wrong, local or remote, you will have problems that you have.

    http://TV.Adobe.com/#VI+f1592v1760 Watch this video for a better explanation I can give.

    Brad Lawryk
    Adobe, Dreamweaver community expert
    Northern British Columbia Adobe User Group, Adobe user group manager

Maybe you are looking for

  • How can I prevent the buttons on taskbar to Firefox from popping up?

    I use no legs. I prefer my Web page buttons to align with the bottom of my screen, just like the old days. I'd like to see every page that I opened, instantly, without be hidden. The problem is that when I'm near the buttons, they pop up. It is very

  • Satellite A300: Win 7 touchpad double click does not

    Hello, recently I have installed Win 7 and double click on the touchpad is not responding. I have to use the left button. I reinstalled the drivers in different times, but the problem still persists. I use A300. When I go into the Device Manager sett

  • Satellite L40-137 - extension of 2 to 4 GB memory

    Dear Forum, I have not found any futher details to my problem in past posts. I have Satellite L40-137 (PSL40E) and tried to increase the memory 2 x 1 GB RAM 2x2gb. A datasheet, I found a maximum capacity of 4 GB, but with these two circuits, the comp

  • Help on getting my email messages to print larger, can't read, too small

    Using a deskjet HP 8600 +, windows 8 Print on emails too small when printing... How can I adjust it...? Bill

  • Progress Bar appear in my taskbar.

    My progressbar does not appear when I download files. Here is a link of what im trying to say. I download something, but the progress bar does not appear. Even in the Windows Explorer window, while I copy something, I see no progress bar. Is my graph