Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello all,I have 2 data centers conencted via WAN and each has their own Internet conenction. One of the site's Internet is close to maximum bandwidth and we want to use the second site's Internet for future connections. The problem is the core swi...
Hello All,I am in the process of evaluating our disaster recovery plans and found that my company has redundant network connections, but does not have it implemented in a way that allows recovery of a failure. My company has 4 locations, all conenct...
I have an ASA, an ACS appliance, Active Directory, and RSA securID. SSL users should only authenticate with AD, while IPSec users should only authenticate with RSA. Not yet using anyconnect.here is my scenario:ACS -- AD - Dynamic users are created ...
We are currently using checkpoint and are moving to ASA5520. We also have a clientless SSL vPN appliance to roll into the ASA too.My question is, how can I use the ASA for SSL VPN and IPSec VPN with RSA secureID? Can I do this for a select group of...
It has been recommended to me to converge my internal network and public Internet into a single 6509 switch with FWSM. I was told to do it with VLANS and that it would have line speed performance. How can this be done?
Jerome,Thanks for the quick responses. I agree, I am probably not doing this in the most optimal way. PFR does look cool, but I don't have the hardware to implement this in my network. I don't have any routers since my 3750 switches are doing all...
Yes, that is correct. But, I haven't been able to find any other solution other than NATing the second connection through a private IP address that can be routed across the WAN instead of going back over the local Internet.
Thanks, I will review the link and other NAP info. I also heard about using the IETF RADIUS Attributes # 25 class to set this to match the profile name in the ASA. Will this do the trick and only allow users in the correct groups to authenticate an...
