Cisco Community
English
Register
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
balaji.bandi
balaji.bandi
Member since ‎05-19-2013
Collaborator
Personal Web Page : http://www.balajibandi.com/
1775
Posts
1062
Helpful
129
Solutions
Recent Badges
600 Helpful Vote
50 Accepted Solution
300 Helpful Vote
15 Accepted Solution
100 Helpful Vote
View All
Recent Badges
Awards

Re: Site to Site VPN LAB ASAv

Created by balaji.bandi Collaborator in VPN and AnyConnect
‎07-12-2018 03:09 PM
‎07-12-2018 03:09 PM
ASDM give you step by step procedure for creating VPN Site to Site below full example help you to start with.   https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113486-ikev2-s2s-tunnel-00.html   BB ... View more

Re: How to open Port 4000 on Cisco ASA ...

Created by balaji.bandi Collaborator in Firewalls
‎07-12-2018 03:07 PM
‎07-12-2018 03:07 PM
Simple access-list should work, tweak as per your requirement.   access-list outside_access extended permit tcp any object inside-server1 eq 4000 BB  ... View more

Re: Asterisk and Cisco call manager Exp...

Created by balaji.bandi Collaborator in IP Telephony and Phones
‎07-12-2018 02:58 PM
‎07-12-2018 02:58 PM
High level implementation and it easy to test.   create a SIP Trunk on both the vendors and register each other.   So * will register cisco, Cisco register *, so you have both the SIP communication up create a dialplan to route the call from cisco to * and vice versa   Many real world example posted, spend 15min you can nail the issue easily.   BB ... View more

Re: Netflow Collector destination host ...

Created by balaji.bandi Collaborator in Application Centric Infrastructure
‎07-12-2018 04:27 AM
‎07-12-2018 04:27 AM
We are not sure what switches model you have issue.   please check the below URL and Limitation   https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Cisco_APIC_and_NetFlow.html#id_41519   BB ... View more

Re: Simple HTTPS Access (Intranet) not ...

Created by balaji.bandi Collaborator in Firewalls
‎07-11-2018 05:35 PM
‎07-11-2018 05:35 PM
xx.xx.xx.151 - iam guessing this is public internet routeble IP, is this correct ?   Do you have NAT rule for your internal IP ? (172.25.205.5-172.25.205.250).   RFC 1918 - can not go directly to internet, you need to do NAT in the WAN end router/or device.   if you can show the network topo, we can suggest much better.   BB   ... View more

Re: EIGRP over Site-to-Site IPSec VPN T...

Created by balaji.bandi Collaborator in Routing
‎07-11-2018 05:28 PM
‎07-11-2018 05:28 PM
Below Link give you the limitation :   https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/vpn/asa-97-vpn-config/vpn-vti.html   BB ... View more

Re: AnyConnect remote site selection

Created by balaji.bandi Collaborator in VPN and AnyConnect
‎07-11-2018 05:12 PM
‎07-11-2018 05:12 PM
From my notes :   ==AnyConnect Profiles XML and profile files are stored locally to the users machine. The location varies based on OS. Windows XP %ALLUSERSPROFILE%\Application Data\Cisco\Cisco AnyConnect Secure Mobility Client\Profile Windows Vista %ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\Profile Windows 7 %ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\Profile Windows 8 %ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\Profile Windows 10 %ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\Profile Mac OS X /opt/cisco/anyconnect/profile Linux /opt/cisco/anyconnect/profile   BB ... View more

Re: Nexus 9500 Max Amperage Consumption

Created by balaji.bandi Collaborator in Other Data Center Subjects
‎07-11-2018 05:05 PM
‎07-11-2018 05:05 PM
It all depends on what module you buying along with N9K.   check below document will help you.   https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/solution-brief-c22-730049.html   BB ... View more

Re: Dynamic IP to Static IP IPSEC VPN T...

Created by balaji.bandi Collaborator in VPN and AnyConnect
‎07-11-2018 04:56 PM
‎07-11-2018 04:56 PM
Can you paste the working config and Log errors you getting while phase 1 process. vs working phase 1 success one.   BB   ... View more

Re: Cisco asa multi context failover mo...

Created by balaji.bandi Collaborator in Firewalls
‎07-11-2018 03:11 PM
‎07-11-2018 03:11 PM
You can make Active / Active in the multi context   Like ASA1 for context 1 active ASA2 context 1 standby    ASA1 for context 2 standy  ASA2 context 2 active    To achieve this, your hardware should be same and  same OS running on both FW   looks like you have 1 X  and another normal, please check before you implementing.   BB ... View more

Re: VPN Between Interfaces

Created by balaji.bandi Collaborator in VPN and AnyConnect
‎07-11-2018 03:08 PM
‎07-11-2018 03:08 PM
If i understand correctly you looking dirty link as fail over link for the main link.   this means your main link fails you want to send traffic to corporate network using dirty link.   In this case yes possible,   If this is not answered your question. explain more.   BB ... View more

Re: ASA 5506W static NAT - no access

Created by balaji.bandi Collaborator in Firewalls
‎07-11-2018 02:56 PM
‎07-11-2018 02:56 PM
 nat (any,outside) dynamic interface   nat (inside,outside) source dynamic obj_any interface   Start with simple nat rule and try it works, if basic rule working then start building complex rule, by understand each rule before applying.   BB  ... View more

Re: Asa 5516 HA

Created by balaji.bandi Collaborator in Firewalls
‎07-11-2018 02:46 PM
‎07-11-2018 02:46 PM
HA Means minimum x 2, so if you organisation looking resilience for the business, you need to have 2 physical hardware for sure.   BB ... View more

Re: Verify routing Catalyst 3650

Created by balaji.bandi Collaborator in Switching
‎07-11-2018 02:44 PM
‎07-11-2018 02:44 PM
Just looked at the config   interface TenGigabitEthernet1/0/48 description To Firewall switchport mode trunk channel-protocol pagp channel-group 1 mode desirable ! This is the interface you like to connect to FW, is this correct.   As you said you have FW before and connected to switch each interface sepaeatly and you want to consolidate.   In case always add 2 interface to port-channel so you have redundacy for the link failure.   suggest is LACP always for the best practice, until you have specific requirement.   and you need to have that VLAN SVI interface configured in the switch and they should allowed in the trunk. same on FW also.   Make sense ?   BB   ... View more

Re: Requirements for a floating route

Created by balaji.bandi Collaborator in VPN and AnyConnect
‎07-11-2018 02:33 PM
‎07-11-2018 02:33 PM
Can post the both the side config ?   BB ... View more
Public Statistics
Date Registered ‎05-19-2013 11:51 PM
Date Last Visited
Total Messages Posted 1,775
Total Helpful Votes Received 1062
Helpful Votes Given To
View All
Helpful Votes From