[117970] in North American Network Operators' Group
Re:
daemon@ATHENA.MIT.EDU (Dane Newman)
Wed Oct 7 13:29:40 2009
In-Reply-To: <EED295609D63094C9503112CEB7D00F1B0DF89D273@DCEX01.ipcfcdom.inphonic.com>
Date: Wed, 7 Oct 2009 13:29:00 -0400
From: Dane Newman <dane.newman@gmail.com>
To: John Hodges <jhodges@simplexity.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
yup you lose alot in mutli context mode such as vpn, and routing protocols.
It basically just becomes a true stateful firewall.
On Wed, Oct 7, 2009 at 1:26 PM, John Hodges <jhodges@simplexity.com> wrote:
> I was in ASA class just last week and asked about this exact issue.
>
> I was told that at this time you cannot do the IPSec VPN in Multiple
> context mode (due to the ASA not being able to keep track of the SA). This
> is a software issue that Cisco is working on and has in test at this time.
> No timeframe for release though.
>
> -John
>
> -----Original Message-----
> From: Jason Bertoch [mailto:jason@i6ix.com]
> Sent: Wednesday, October 07, 2009 1:03 PM
> To: nanog@nanog.org
> Subject: Re: <Help - Unable to builld a IP-SEC VPN on a Cisco ASA 5520>
>
> Michael Ruiz wrote:
> > Group,
> >
> >
> >
> > I am stuck like chuck. We are unable to activate a VPN
> > in one of the virtual firewall context. Under the crypto commands, none
> > of the IP-sec are available. Any help on this would be appreciated.
> > Version we running is 8.0(4)
> >
> >
> Isn't VPN only available in single-context mode?
>
>
>
