[c-nsp] site-to-site IPSEC VPNs with IOS 12.4(11)T and ASA 7.2(2)
Hans Tappas
hanst at altern.org
Wed Mar 28 00:28:04 EST 2007
I've experienced several bizarre bugs with 12.4(11)T on IPSec VPN
deployments using 800s and 7200s or ASAs at several customers. Broken
MVAPs, broken DVTI with EzVPN, broken DNS server, broken
split-tunneling, broken VPN group auth and so on. Most are confirmed
as bugs by TAC.
Cheers,
H
At 27/03/2007, Adrian Chadd wrote:
>Hiya,
>
>My coworkers have reported seeing issues with various upgrades to IOS and ASA
>software revisions as of late. The symptoms are "IPSEC tunnels don't
>establish"
>between the latest ASA software (updated for the security fixes) and
>some issues
>with with 12.4(11)T advanced ip services/security where the IPSEC
>sessions would
>establish and pings worked, but nothing else did. Downgrading to IOS 12.3 or
>12.4(9)T and ASA 7.1(2) fixed things.
>
>I'm going to start digging further and log TAC cases, but has anyone
>seen similar
>behaviour with recent 12.4T and ASA software revisions?
>
>
>
>Adrian
>
>_______________________________________________
>cisco-nsp mailing list cisco-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>!DSPAM:4609dcc7167616491211187!
More information about the cisco-nsp
mailing list