Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,I am confused about what I am seeing based on other posts/documentation and what I see in packet-tracer. Example: Example:----Objects----object-group network LOCAL network-object 10.1.1.0 255.255.255.0object-group network LOCAL-NAT network-obje...
Hello everyone,I am labbing a theoretical situation (and maybe a solution for something) and cannot get it to work, if anyone can provide feedback please do (This includes if this is dumb idea or a better way to handle an active/passive tunnel to the...
Hi all, hopefully someone can provide some clarity on what is happening.I have two routers, R1 and R2, tunneling to eachother R1 - R3 - R2I am labbing some IPsec tunnels using Crypto maps, IPsec profiles, and VTI.When I use a crypto MAP, I get a sing...
Hello all, I am labbing up some BGP stuff and am confused as to what is going on here. R1 and R2 are in AS 15, R3, R4 and R5 arein AS 10 and R6 is in AS 5.R1 and R2 have loop back interfaces in 100.100.100.0 and am advertising those using network sta...
Hello everyone, currently learning about route maps and labbed some stuff.I was wondering if there was something up with my lab (CML2) or if this is normal behavior.I have EIGRP running between two routers.one of the router I have a route map set to ...
Hello Sheraz,Thank you for the response.Are you sure that those order of operations are correct? What you posted seems to contradict how the crypto map is written and contradicts what I see in my packet-tracer tests.When you write a crypto map ACL, y...
Hi mhm,I am unclear what you are suggesting. Are you saying a track on the router that pings the asa and a route to the remote lan ips that tracks that? Because I’m already doing that with a default route I’m not sure why it would need to be a remote...
The route that the router takes is a default route. I’ve got one default route to isp1 (main vpn interface) being tracked by a track that pings the isp1 peer, and another to isp2 with an ad of 2. The second kicks in once I simulate a failover by shut...
Hello mhm!how is that possible?in my lab phase 1 and 2 settings are identical. I don’t have to change anything except the order of the peers on the ASA. The fact that it comes up when I do that, would imply that Dh group, phase 2, etc should be fine ...
