Problem with VLAN between Cisco Catalyst (3560G) and SG300-52

I am having trouble with the creation of a trunk of vlan between a SG300-52 and a Cisco Catalyst 3560 G. I have 4 VLANS (1, 2, 10 and 11) on the 3650 and I need ports on the SG300 to be able to communicate with them.

On the 3560, port 14 is defined as:

interface GigabitEthernet0/14

switchport trunk encapsulation dot1q

switchport mode trunk

spanning tree portfast

On the Sg300 port 52 is defined as:

interface GigabitEthernet52

point to point link type spanningtree

switchport trunk allowed vlan add 1,2,10,11

description macro switch

Try to understand what the problem... Any help would be appreciated.

Thank you

Chris

Hi Chris, the first problem is the spanning tree portfast, it shouldn't be on an interconnection network switch. You may have a mismatch of vlan native as well, but that shouldn't matter.

A suggestion, however, the value of the port SG300 general mode and disable the input filter.

-Tom
Please mark replied messages useful

Tags: Cisco Support

Similar Questions

Problems with VPN between Cisco PIX 6.3.3 and VPN 3000 Concentrator

Hi guys,.

I hope this is the right place and that someone has encountered this before I don't have much hair left to offset - I'm trying to set up a tunnel between our Pix 6.3.3 performer and a customer using a VPN3000.

The customer wants us to be able to do checkups on a device without allowing anything to of our range of addresses network side private, just one public IP address. We currently run a VPN to our recovery site to allow off-site replication, but the ACL on the other end of this VPN * does * allow the configuration that we had for our private network side, so traffic was not useful at that. Here is a screenshot of what I tried:

ethernet0 nameif outside security0
nameif ethernet1 inside the security100
nameif ethernet2 dmz1 security50

name 172.16.1.48 Cust_DVR1

permit 192.168.1.0 ip access list inside_outbound_nat0_acl 255.255.255.0 255.255.255.255 Cust_DVR1

permit 192.168.1.0 ip access list outside_cryptomap_30 255.255.255.0 255.255.255.255 Cust_DVR1

IP outside X.Y.Z.227 255.255.255.224
IP address inside 192.168.1.1 255.255.255.0

location of PDM Cust_DVR1 255.255.255.255 outside

Global 1 X.Y.Z.230 (outside)
Global (dmz1) 1 interface
NAT (inside) 0-list of access inside_outbound_nat0_acl
NAT (inside) 1 192.168.1.0 255.255.255.0 0 0

Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac

outside_map 30 ipsec-isakmp crypto map

outside_map 30 peer A.B.C.D crypto card game<--- (public="" ip="" of="" customer="">

card crypto outside_map 30 match address centura_map_30

card crypto outside_map 30 the transform-set ESP-3DES-MD5 value

outside_map interface card crypto outside

ISAKMP key * A.B.C.D netmask 255.255.255.255 No.-xauth No. config-mode

part of pre authentication ISAKMP policy 30

ISAKMP policy 30 3des encryption

ISAKMP policy 30 md5 hash

30 2 ISAKMP policy group

ISAKMP duration strategy of life 30 86400

My hope is that anything on the 192.168.1.0/24 would be able to get out of the external interface as our only our public IP addresses (i.e. X.Y.Z.230), but the traffic they see on the other end is coming from the 192.168.1.0 network. I tried to remove the line inside_outbound_nat0_acl think she would use then the world but still do not have a bit of luck and the only difference I see on Kiwi Syslogd is that the src_proxy changes to 0.0.0.0 where is shows the IP address of my private side (for the purposes of the config above let's call it 192.168.1.135).

THANKS MUCH FOR ANY HELP!

-Mario

Hello

For example, you can NAT your internal via the tunnel network traffic when you go to this customer.

In this way, they will see your unique internal network as an IP address.

Let's say, rather than them seeing your internal 192.168.1.0/24, eelle will see your traffic like X.Y.Z.227

Is this what you need?

Federico.

Diagnostics Windows network, the error reads 'Problem with wireless adapter or access point' and fails to solve the problem.

«Problem with access point or wireless adapter»

Hi, I just bought a new laptop & I have the extreme difficulty to stay connected to the internet. When I run Windows Network Diagnostics, error reads 'Problem with wireless adapter or access point' and fails to solve the problem. Help, please... Thank you, Maria

HI Maria,

· What operating system is installed on your computer?

· You have installed the latest drivers for wireless network card?

Follow the suggestions below for a possible solution:

Method 1: Start your computer in a clean boot state in order to check if the applications of third parties or startup items is the origin of the problem.

How to troubleshoot a problem by performing a clean boot in Windows Vista or in Windows 7

http://support.Microsoft.com/kb/929135

Note: After troubleshooting, make sure that you configure the computer to start as usual as mentioned in step 7 in the above article.

Method 2: See these articles for solve wireless problems:

Why can't I connect to the Internet?

http://Windows.Microsoft.com/en-us/Windows7/why-can-t-I-connect-to-the-Internet

How can I troubleshoot network card?

http://Windows.Microsoft.com/en-us/Windows7/fix-network-adapter-problems

Windows wireless and wired network connection problems

http://Windows.Microsoft.com/en-us/Windows/help/wired-and-wireless-network-connection-problems-in-Windows

Let us know if that helps.

I have a problem with the drag (cursor snap) video and audio stuttering!

I have an emachine windows vista home edition and have caused problems with the drag (cursor snap) video and audio stuttering. my hardware configuration includes an HP printer and a video camera from Microsoft with pregnant beyond the keyboard, monitor, and system speakers routine. Are there updates or the settings that I can apply to correct this problem?

http://www.eMachines.com/support/drivers.html

The latest drivers/software for your machine come directly from eMachines.

Click the link above for them.

See you soon.

Mick Murphy - Microsoft partner

Cisco Catalyst 6509 and 6513 goes into config race disk0: / Backup Script

We use a Cisco Catalyst 6509 and 6513 switches in our network LAN and Man.

Please help me and share the script to take backup of all respective running to their disk0 configuration switches: / per week.

Double post.

Cisco Catalyst 6509 and 6513 running config backup to their respective disk0: / Script

We use a Cisco Catalyst 6509 and 6513 switches in our network LAN and Man.

Please help me and share the script to take backup of all respective running to their disk0 configuration switches: / per week.

Kind regards

Vinay

Double post.

difference between cisco NAC agent and cisco Clean Access Agent

Hi all

If anyone has the idea on different between cisco NAC agent and cisco Clean Access Agent, please let us know your ideas.

Thank you

In 4.6, the agent has been revised and is now called the NAC agent. Previous versions were called the clean access Agent. So roughly, 4.5 and 4.1.3.2 agent are own access agents, and agents 4.6.x and 4.7.x are called NAC agents.

Some of the changes are moving a lot of the agent configuration in an XML file, redesign of the GUI, adding a service portion (of the sort that the agent of heel is no longer necessary) and the best journaling agent.

Is anyone else having problems with Windows 8 when your typing and e-mail? For some reason, it comes out constantly to the tile screen while I type making me about starting more.

Is anyone else having problems with Windows 8 when your typing and e-mail? For some reason, it comes out constantly to the tile screen while I type making me about starting more.

Hi Chaz,

I thank you for your message and gives us a chance to help you. I see that the Mail app closes while you are typing an email.

Please answer these questions to get a better understanding of the issue.
1 have changes made to your computer before this problem?
2 shut down other applications while they are in use?
3. do you get an error code?

You can try these methods to check whether the problem is resolved.

Method 1: Run the troubleshooter of app.

http://download.Microsoft.com/download/F/2/4/F24D0C03-4181-4E5B-A23B-5C3A6B5974E3/apps.diagcab

Open this link to launch the troubleshooter.

Method 2: Update the application.

Method 3: Reinstall the application.

This link has the steps that you can follow to update and reinstall the application.

http://Windows.Microsoft.com/en-us/Windows-8/what-troubleshoot-problems-app

Feel free to use the forum for any other issue of Windows, you may have.

Problems with the installation of the bridge and the company
Hello world!
I have problems with the installation of the bridge and the company. Although I have install both of them successfully, when I try to connect to the gateway through the console I have error message saying there is no company installed. In fact, I get an error as well through the wizard saying "failed to run. Please see details below:

Unable to launch: "C:\DOCUME~1\SIEBEL~1\LOCALS~1\Temp\2\LRE19.tmp\bin\java.exe-Dtemp.dir=C:\DOCUME~1\SIEBEL~1\LOCALS~1\Temp\2\ - cp C:\siebelent\siebsrvr\bin\setup.jar run - args LANG = ENU VISIBILITY = REPEAT BUSINESS = FALSE MODE = MODEL_FILE=C:\siebelent\siebsrvr\admin\siebel_server_sia.scm LIVE" error code: ""(SBL-STJ-00152)-1 "»

Also, when I try ot run the following in the console: C:\siebelent\gtwysrvr\BIN\srvrmgr.exe - u - p SADMIN SADMIN - g siebelwin2k32-e SIEBELENT, I get this error: fatal error (3015667): the program variable 1% is not defined, existing...

Thank you in advance for your help!

MARIANA
Mariana,

Please confirm if you try to configure the siebel server in the same machine as the gateway server. If so try to use localhost instead of the hostname of the machine setting up Siebel server.

I assume you are using windows 2003 as the operating system.

Thank you

Wilson

Problem with ping VPN cisco 877

Hi all!

I have a working VPN between a fortigate and a Cisco.

I have a problem with ping network behind the cisco of the network behind the forti.

When I ping to vlan2 cisco without problem (192.168.252.1) interface, but I can't ping a server in the vlan2 (192.168.252.2) behind the cisco.

However the Cisco I can ping the server. In the forti, I see that ping to the interface vlan2 and server in vlan2 take in the same way, and I can see package.

I post my config could see it it as blocking the ping from 10.41.2.36 to 192.168.252.2 while 192.168.252.1 ping is OK?

IPSEC #show run
Building configuration...

Current configuration: 3302 bytes
!
! Last modification of the configuration at 14:42:17 CEDT Friday, June 25, 2010
! NVRAM config update at 14:42:23 CEDT Friday, June 25, 2010
!
version 12.4
no service button
horodateurs service debug datetime msec
Log service timestamps datetime localtime show-time zone
encryption password service
!
IPSEC host name
!
boot-start-marker
boot-end-marker
!
logging buffered 1000000
enable secret 5 abdellah
!
No aaa new-model
clock timezone GMT 1
clock to summer time CEDT recurring last Sun Mar 02:00 last Sun Oct 03:00
!
!
dot11 syslog
IP cef
No dhcp use connected vrf ip
DHCP excluded-address IP 192.168.254.0 192.168.254.99
DHCP excluded-address IP 192.168.254.128 192.168.254.255
!
IP dhcp DHCP pool
network 192.168.254.0 255.255.255.0
router by default - 192.168.254.254
Server DNS A.A.A.A B.B.B.B
!
!
no ip domain search
name of the IP-server A.A.A.A
name of the IP-server B.B.B.B
!
!
!
!
!
crypto ISAKMP policy 1
BA aes 256
preshared authentication
Group 5
ISAKMP crypto key ciscokey address IP_forti
!
!
Crypto ipsec transform-set esp - aes 256 esp-sha-hmac vpntest
!
myvpn 10 ipsec-isakmp crypto map
defined by peer IP_forti
Set transform-set vpntest
match address 101
!
Archives
The config log
hidekeys
!
!
!
!
!
interface Tunnel0
IP 2.2.2.1 255.255.255.252
source of Dialer0 tunnel
destination of IP_forti tunnel
myvpn card crypto
!
ATM0 interface
bandwidth 320
no ip address
load-interval 30
No atm ilmi-keepalive
DSL-automatic operation mode
!
point-to-point interface ATM0.1
MTU 1492
bandwidth 160
PVC 8/35
VBR - nrt 160 160
PPPoE-client dial-pool-number 1
!
!
interface FastEthernet0
switchport access vlan 2
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
switchport access vlan 2
!
interface Vlan1
IP 192.168.20.253 255.255.255.0
IP nat inside
no ip virtual-reassembly
!
interface Vlan2
IP 192.168.252.1 255.255.255.0
IP nat inside
IP virtual-reassembly
!
interface Dialer0
bandwidth 128
the negotiated IP address
NAT outside IP
no ip virtual-reassembly
encapsulation ppp
load-interval 30
Dialer pool 1
Dialer-Group 1
KeepAlive 1 2
Authentication callin PPP chap Protocol
PPP chap hostname [email protected] / * /
PPP chap password 7 abdelkrim
myvpn card crypto
!
IP forward-Protocol ND
IP route 0.0.0.0 0.0.0.0 Dialer0
IP route 10.41.2.32 Tunnel0 255.255.255.240
!
no ip address of the http server
no ip http secure server
The dns server IP
translation of nat IP tcp-timeout 5400
no ip nat service sip 5060 udp port
overload of IP nat inside source list NAT interface Dialer0
!
IP access-list standard BROADCAST
permit of 0.0.0.0
deny all
!
NAT extended IP access list
IP enable any host IP_cisco
deny ip 192.168.252.0 0.0.0.255 10.41.2.32 0.0.0.31
!
access-list 101 permit ip 192.168.252.0 0.0.0.255 10.41.2.32 0.0.0.31
public RO SNMP-server community
3 RW 99 SNMP-server community
SNMP-server community a RO
SNMP-Server RO community oneCommunityRead
not run cdp
!
!
!
control plan
!
!
Line con 0
password 7 abdelkrim
opening of session
no activation of the modem
line to 0
line vty 0 4
password 7 aaaaa
opening of session
escape character 5
!
max-task-time 5000 Planner
NTP-period clock 17175037
Server NTP B.B.B.B
Server NTP A.A.A.A

end

Alex,

It's your GRE tunnel:

interface Tunnel0
IP 2.2.2.1 255.255.255.252
source of Dialer0 tunnel
destination of IP_forti tunnel
myvpn card crypto

You also have routing set by it.

You don't need a GRE tunnel, nor do you need the road to tunnel if you want just IPsec tunnel.

Having a problem with the message saying (not answer) and computor lock, answers please

Problem with computor saying "not responding" and lock, any ideas please.

Problem with computor saying "not responding" and lock, any ideas please.

Provide you any other information. You have to give to get when it comes to troubleshooting.

Given that don't even give you an operating system - replace the defective hardware. ;-)

What specific operating system you use? Include the service pack level and architecture (SP1, SP2, SP3... (32 - bit or 64 - bit?)

I'm guessing that has happened since the first day - of a lifetime of computers - what happened between he works and does not? New software installed? All new hardware installed or attached?

Did you * nothing * to try to remedy the situation? If so - what?

Be specific. Ignore the cameras, microphones and remote viewing software, we have installed in your home, clothing and computer. Pretend that we do not understand what you do and save it for future reference. * smile * (should be easy - we don't have).

Stuff in general, you could do (as long as you use a Microsoft Windows Operating System after the year 2000...)

Search for malware:

Download, install, execute, update and perform analyses complete system with the two following applications:
- MalwareBytes (FREE)
- SuperAntiSpyware (FREE)
Remove anything they find. Reboot when necessary. (You can uninstall one or both when finished.)

Search online with eSet Online Scanner.

The less you have to run all the time, most things you want to run will perform:

Use Autoruns to understand this all starts when your computer's / when you log in. Look for whatever it is you do not know usingGoogle (or ask here.) You can hopefully figure out if there are things from when your computer does (or connect) you don't not need and then configure them (through their own built-in mechanisms is the preferred method) so they do not - start using your resources without reason.

You can download and use Process Explorer to see exactly what is taking your time processor/CPU and memory. This can help you to identify applications that you might want to consider alternatives for and get rid of all together.

Update your drivers for hardware devices from the manufacturer themselves - do not use the built-in features of Windows. If you want, come back and let us know a bit more information on your system - particularly the brand / model of the system, you have - and maybe someone here can guide you to the place s x of law to this end. This isn't 100% necessary - but I'd be willing to bet that you would gain some performance and features in making this part.

Problem with my Acer Aspire 5552-5686 and 5.1 Audio HDMI

Hi all, I recently bought a SONY HT-SS380 Home Theatre, and I tried to connect it to my Acer Aspire 5552-5686 by HDMI port. (I have Windows 7).

My problem is that I have can´t set up the laptop to use more than 2 channels (stereo). I ve been looking around the internet and there seems to be a common problem with this computer, but I can´t understand why or how to fix it.

I ve tried to install the latest Realtek Audio drivers, the Catalyst Control Center, some Audio HDMI of ATI drivers. I Don t know what else to try!

Any help?

Thank you very much!

This isn't the audio chipset of this system, which I listed above.

The audio chipset to send the data in 5.1 surround. The HDMI port would support, if it was sent.

It is not sent in this way, I listed above.

Problems of synchronization between a mobile device and Windows Mail

I use Windows Mail 6.0.6000.16386 version (vista_rtm.061101 - 2205) on my Vista machine.

T1) when I synchronize my contact numbers of my mobile (Nokia) to my Windows Mail Contacts using the supplied software (Nokia PC suite), I find that if a certain person/entity contact stored in mobile, to say Mr. X or Company Y, 4 phone numbers, only 1 or 2 of them get copied into the Windows Mail contacts folder other numbers not copied anywhere. What is the reason for this, and how can it be rectified it IE. all the associated with a given contact phone numbers must be copied across everything by synchronizing?

Q2) I have 2 mobile, each for himself, and wife. Each mobile has its own set of contacts. During synchronization with Windows Mail, I found that all the contacts from mobile 2 copied in a single database of Contacts in Windows Mail and vice versa so in each mobile. So my contacts appear in the motive of my wife, as well as its own contacts, contacts appear in my mobile, as well as mine. Is it possible in Windows Mail by which we create separate databases for each set of contacts in the mobile phone, so that when you run a synchronization between my phone and Windows Mail, only my contacts updated in 'ma' database and in my phone, then when the mobile synchronization of my wife with Windows Mail and only its contacts updated in 'his' database and his mobile phone.

Thank you very much!

Hello

I think many other users of Nokia's reported problems with this PC Suite software. I suggest you look on the Nokia forums for support with this specific software, as it is a question of Nokia PC Suite and not a Windows Mail or Windows issue.

As for your second question, you need to create a second account using Windows Mail and helps to keep the boxes to the letters and separate records:

http://answers.Microsoft.com/en-us/Windows/Forum/windows_vista-windows_programs/how-do-i-create-separate-inboxes-in-Windows-Mail/c5a458af-7d8b-4def-a3f5-bd425a2c519e

What happened to e-mail identities?
http://Windows.Microsoft.com/en-us/Windows-Vista/what-happened-to-e-mail-identities

Problems with Win 7: lost internet connection and downloads

Hello

I'm not sure that the two problems are related... I don't know what topic to choose.

I have a custom, with Win 7 machine, and I install all required updates. But for a while (months? I turn it off every night) it says 15 updates are available every time that I reboot, and I see no updates installed (I search for installed updates today).

Anyway, let them go all the way, and when I restart, I have no connection. It's happened several times (everytime I reboot). Maybe that I had the chance to solve the problem by restarting (and reinstalling :)) 15 updates, but today I can't. I am connected by wire to a modem. Our all other computers work.

I have a job in the process and need my internet connection (easier to work on a desktop computer with large screen of a laptop) and I can't.

In network and sharing Center, there is a cross between 'Several networks' and the internet. I have the message if I 'connect or disconnect' "no Internet access.

I did ipconfig, and I get media disconnected. I did not unplug anything!

I would be very grateful for your help.

Thank you very much

Hi Allwyna,

Thanks for the reply.

As you said, there are 16 updates that never completed the installation. There could be opportunities updates are at the origin of the problem. So before solve us the connection problem. We should go ahead and first to solve the problem of updates.

I would like to know you have installed any Security Antivirus software on your computer, if so I first suggest you temporarily disable the Antivirus software install on your computer and check if that helps.

Warning: Antivirus software helps protect your computer against viruses and other security threats. In most cases, you should not disable your antivirus software. If you have to temporarily disable it to install other software and/or any relevant issue, you must reactivate as soon as you are finished. If you are connected to the Internet or a network, while your antivirus software is disabled, your computer is vulnerable to attacks by malicious software.

Try the methods.

Method 1:

I suggest following the steps listed in the article and check if it works.

Problems with installing updates

http://Windows.Microsoft.com/en-us/Windows/troubleshoot-problems-installing-updates#1TC=Windows-7

Method 2:

I suggest you to manually reset windows update components.

http://support.Microsoft.com/en-us/KB/971058

NOTE: This section, method, or task contains steps that tells you how to change the registry. However, serious problems can occur if you modify the registry incorrectly. Therefore, make sure that you proceed with caution. For added protection, back up the registry before you edit it. Then you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click on the number below to view the article in the Microsoft Knowledge Base:

322756 (http://support.microsoft.com/kb/322756/ )

How to back up and restore the registry in Windows

I hope this helps. Please let us know the results. We will be happy to help you further.

Site to Site VPN between Cisco ASA 5505 and Sonicwall TZ170

I'm trying to implement a VPN site-to site between our data center and office. The data center has a Cisco ASA 5505 and the Office has a Sonicwall TZ170. I managed to configure the two so that the vpn connects. Each of the firewall I ping the IP Address of the internet firewall on the other side and a desktop computer I can ping the IP Address of the firewall internal datacenter but I can't carry traffic between private subnets datacenter and desktop. Can anyone help?

The config below has had IPs/passwords has changed.

External Datacenter: 1.1.1.4

External office: 1.1.1.1

Internal data center: 10.5.0.1/24

Internal office: 10.10.0.1/24

: Saved
:
ASA Version 8.2 (1)
!
hostname datacenterfirewall
mydomain.tld domain name
activate the password encrypted
passwd encrypted
names of
name 10.10.0.0 OfficeNetwork
10.5.0.0 DatacenterNetwork name
!
interface Vlan1
nameif inside
security-level 100
10.5.0.1 IP address 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
1.1.1.4 IP address 255.255.255.0
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passive FTP mode
clock timezone IS - 5
clock to summer time EDT recurring
DNS server-group DefaultDNS
buydomains.com domain name
permit same-security-traffic inter-interface
permit same-security-traffic intra-interface
inside_access_in list extended access permit icmp any one
inside_access_in list extended access permitted tcp a whole
inside_access_in list extended access udp allowed a whole
inside_access_in of access allowed any ip an extended list
outside_access_in list extended access permit icmp any one
outside_access_in list extended access udp allowed any any eq isakmp
IP DatacenterNetwork 255.255.255.0 OfficeNetwork 255.255.255.0 allow Access-list extended pixtosw
pixtosw list extended access allow icmp DatacenterNetwork 255.255.255.0 OfficeNetwork 255.255.255.0
IP OfficeNetwork 255.255.255.0 DatacenterNetwork 255.255.255.0 allow Access-list extended pixtosw
pixtosw list extended access allow icmp OfficeNetwork 255.255.255.0 DatacenterNetwork 255.255.255.0
outside_cryptomap_66.1 list of allowed ip extended access all OfficeNetwork 255.255.255.0
outside_cryptomap_66.1 ip OfficeNetwork 255.255.255.0 allowed extended access list all
outside_cryptomap_66.1 list extended access permit icmp any OfficeNetwork 255.255.255.0
outside_cryptomap_66.1 list extended access allowed icmp OfficeNetwork 255.255.255.0 everything
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
IP verify reverse path to the outside interface
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 623.bin
don't allow no asdm history
ARP timeout 14400
NAT-control
Global 1 interface (outside)
NAT (inside) 1 0.0.0.0 0.0.0.0
inside_access_in access to the interface inside group
Access-group outside_access_in in interface outside
Route inside 0.0.0.0 0.0.0.0 1.1.1.1 1
Route OfficeNetwork 255.255.255.0 outside 1.1.1.1 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
Enable http server
http 10.5.0.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set esp-aes-256 walthamoffice, esp-sha-hmac
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
Crypto dynamic-map ciscopix 1 corresponds to the address outside_cryptomap_66.1
Crypto dynamic-map ciscopix 1 transform-set walthamoffice
Crypto dynamic-map ciscopix 1 the value reverse-road
map dynmaptosw 66-isakmp ipsec crypto dynamic ciscopix
dynmaptosw interface card crypto outside
crypto isakmp identity address
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 13
preshared authentication
aes-256 encryption
sha hash
Group 2
lifetime 28800
crypto ISAKMP policy 30
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
No encryption isakmp nat-traversal
Telnet 10.5.0.0 255.255.255.0 inside
Telnet timeout 5
SSH 10.5.0.0 255.255.255.0 inside
SSH timeout 5
Console timeout 0
management-access inside
dhcpd address 10.5.0.2 - 10.5.0.254 inside
dhcpd allow inside
!

a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
NTP server 66.250.45.2 source outdoors
NTP server 72.18.205.157 source outdoors
NTP server 208.53.158.34 source outdoors
WebVPN
attributes of Group Policy DfltGrpPolicy
VPN-idle-timeout no
username admin password encrypted
tunnel-group 1.1.1.1 type ipsec-l2l
tunnel-group 1.1.1.1 ipsec-attributes
pre-shared-key *.
!
!
!
type of policy-card inspect dns preset_dns_map
parameters
message-length maximum 512
!
context of prompt hostname
Cryptochecksum:7f319172e5de9c0e550804a263f8e49e
: end

Mattew, obvious lack of education is the rule exempt from nat for your tunnel, your access list pixtosw is similar on this example, I assume that you have gone through this link, if it does not see the configs on both sides.

Add the statement of rule sheep in asa and try again.

NAT (inside) 0-list of access pixtosw

http://www.Cisco.com/en/us/products/HW/vpndevc/ps2030/products_configuration_example09186a008052c9d4.shtml

Concerning

Problem with VLAN between Cisco Catalyst (3560G) and SG300-52

Similar Questions

Maybe you are looking for