I have an ASA 5516-x that I noticed a strange routing issue on. I am using RIP routing between the ASA and a 3750 stack which has a management and inside interface. When I powered on the asa I could not ping the inside interface but could ping the management OK. I had forgot to set the management vlan to passive on the 3750 stack so the asa was seeing rip updates from both interfaces and applying the routes to only the management routing table which explains why I couldn't hit the inside interface or really it couldn't get back to me. I turned passive on the 3750 for the management interface and I did indeed stop seeing updates which I assumed would age the routes out and then they would apply to the regular routing table. Using debug, I was only seeing rip updates to the inside network but the routes were still getting applied to the management table even though they weren't being seen on this interface. I powered the device off and back on to see if it would update the correct table thinking this would clear all routing entries. Didn't work. I ended up disabling rip on the asa and reenabling it and it finally updated the correct table. Could this be a bug?
Meet the Authors Event - CCIE Security and Practical Applications in Today’s Network: Zero Trust
(Live event – Thursday, 29th, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris)
This event will have place on Thursday 29th, October 2020 at 1...
My company uses Microsoft Azure AD, and I sign into all my applications using that account. Can I use that account when I sign in?
Yes - all applications that support SecureX sign-on allow direct login with your Microsoft Azure AD accou...
@Rob Ingram @balaji.bandi @Marius Gunnerud Hi Guys, Does ASA saves any logs by default? logs means if some sort suspicious activity happen within network and we want to see what Firewall saw at that time.I...
Attackers will always target the "low hanging fruit": devices that have passed end-of-software maintenance and end-of-support. A few years ago, Cisco described the evolution of attacks against infrastructure devices. All of the attacks discussed in t...
I somehow stumbled upon Cisco's IBNS 2.0 Auto Identity (AI) templates in my CML/VIRL IOSv layer2 image (IOS 15.2(6)).
I find these templates great, because these are the best practices that we tend to hard-code manually - e.g there are...