To keep the VPN connection alive all the time we need to configure SLA monitoring in our CISCO deviceĬiscoasa(config-sla-monitor)# type echo protocol ipIcmpEcho 172.16.8.4 interface outsideĬiscoasa(config-sla-monitor-echo)# frequency 5Ĭiscoasa(config)# sla monitor schedule 1 life forever start-time nowĬiscoasa(config)# icmp permit any outside First run: show flash You should see the asdm image there. Initial ISE Configuration Installing ISE 2.
Open CLI of you CISCO ASA device, we need to configure SLA monitoring as AWS bring the VPN connection down if it does not see the network traffic on the tunnel. If you’re getting a: HTTP: processing GET URL ‘/admin/public/index.html’ from host error from the browser. This post will describe the basic steps in order to install Cisco ISE 2.4 from ISO image, build a cluster and integrate with Active Directory.Note the private IP address that is automatically assigned to your new instance.Promote a EC2 instance with your newly create VPC.Follow the same step to configure second tunnel-group that you have on that VPN text file.Enter the remote network configuration as below.Enter the pre-shared-key that they have provided.Enter the IP address that you have in the downloaded file – as tunnel-group.
Connect your laptop serial port to the primary ASA device using the console cable that came with the device. Select site-to-site VPN, VPN tunnel interface as outside and click next While the example mentioned here was done on Cisco ASA 5520 model, the same configurations will work on other Cisco ASA 5500 series. Cisco ASA Firewall Fundamentals - 3rd Edition : Step-By-Step Practical Configuration Guide Using the CLI for ASA v8.x and v9.x by Harris Andrea Overview - This book has been available only in eBook format for several years and has been embraced by thousands of Cisco ASA professionals, from beginners to experts.Go to VPN connection link, select your VPN and click on download configuration.Select your subnet and click save button.Select the correct route table from the list (associated with 2 subnet).After you see the successful creation of you VPC, go to route tables.Configure the AD Agent to communicate with the ASA.
Additionally, you must configure the AD Agent to obtain information from the Active Directory servers. The AD Agent must be installed on a Windows server that is accessible to the ASA.
Assuming that you AWS Private subnet will be: 172.16.4.0/24 The ASA must be running minimum 8.4.2 code to be able to configure IDFW feature.Enter IP firewall outside IP, enter name for gateway and VPN.Enter configuration details as below (assuming your network will be 172.16.4.0/24).Click on VPC with Public and Private subnets – (assuming that you network will have internet access as well) and click on Select button.From VPC Dashboard click on Start VPC Wizard.