I´ve just added the IDSM-2 blades on a 6500 and configured it but it did not work as I planned.
This picture is a little scale what I tried to do, actually I had more vlans on the inspection.
I have 2 cores and a portchannel trunk in between them and for redundancy I´m using HSRP as the config shows.
After I congfigured I´ve got these msgs and I could not figure out how to stop it:
%MAC_MOVE-SP-4-NOTIF: Host 001a.a2e4.e800 in vlan 6 is flapping between port Gi6/d1 and port Po1
%MAC_MOVE-SP-4-NOTIF: Host 001a.a2e4.e800 in vlan 7 is flapping between port Gi6/d1 and port Po1
MAC 001a.a2e4.e800 is from Core2
%MAC_MOVE-SP-4-NOTIF: Host 0022.557b.c340 in vlan 6 is flapping between port and port Po1
%MAC_MOVE-SP-4-NOTIF: Host 0022.557b.c340 in vlan 7 is flapping between port Po1 and port
Mac 0022.557b.c340 is from Core1
There was only one VLAN pair that did not have this problem, which was the VLAN L2 for the ISP router and the VLAN Outside for the FWSM . It also was the only VLAN that did not have HSRP working, I dont know if it has something to do.
The Core 1 is the STP Root with priority of Zero and the Core 2 is the Backup Root with priority 4096
I see this log message frequently when using a switch to feed an IPS sensor if the same Ethernet frame is entering the same VLAN on two different interfaces. I can;t tell how your traffic is flowing but I think you have the same issue.
In my case it was not anything to worry about so I just ignored the messages.
User Experience Enhancements
As part of the Cisco Common User Experience program, we are working towards a more uniform user experience and terminology alignment. This program runs across all Cisco security products.
Early Access introduces a...
This video features a step by step walk through of configuring Cisco AnyConnect on FTD managed by FMC. Timestamps included for certificate installation, Access Control, Licensing, NAT, and Deployment failures.
I am trying to solve a CSR signing issue in a home lab.Can someone clarify this theoretical point? According to Wikipedia: "Before creating a CSR, the applicant first generates a key pair, keeping the private key secret. The...
Threat Response integrates with Cisco's Web Security Appliance (WSA) to provide visibility into web-bourne threats. By adding a Web Security or SMA Web module to Threat Response, investigators will be able to search for domains, URLs, and file hashes th...
I was helping some friends and they were trying to solve a scalable VPN issues, specially these days with the pandemic situation.
I recommended to implement ASA VPN Load-Balancing.
This will allow to keep 1 FQDN for all RA-VPN users an...