About aa

aa · 07-24-2008

Hope someone can provide some advice.What is the best design for a redundant infrastructure?The components are:2 x 3750G switches (stacked)2 x ASA5520 Firewalls - Active/Passive2 x F5 load balancersFirewalls are up front and load balancers are in the...

aa · 07-09-2008

Hope someone can make a recommendation:What is the best practice for the upstream connection at an Internet datacenter colo?The connection from the ISP is an ethernet cable.One option is to use a catalyst switch with a routed port. Traffic would then...

aa · 06-21-2008

Does anyone ever use outgoing interface ACL's?What is the purpose?Where would it be useful?

aa · 06-16-2008

Cisco ASA does not allow an interface to be contacted by hosts attached to another interface. Meaning: if I am on an internal interface, I cannot reach the external interface IP.This is so irksome. Because it means that internal hosts cannot VPN to t...

aa · 06-13-2008

Does anyone know how to or if it's even possible to use a different split tunnel ACL for one single VPN profile depending on which interface is being used as the VPN end point?

aa · 07-09-2008

Thanks for the reply.So you are suggesting that the firewall be chosen as the edge device to the upstream provider.Putting the interfaces in the same vlan or directly connecting them are essentially the same thing from an architecture perspective.I t...

aa · 06-23-2008

Thanks for the reply.I think I've solved the issue by using DNS rewriting.Consider an internal and external network.A user with a laptop has a vpn profile that points to vpn.company.com- an external ip.The user can use the vpn profile when on the Int...

Re: 2 interfaces 1 vpn profile · 06-19-2008

Here is the solution to the problem.So if you want to be able to use 1 profile in the Cisco IPsec client, or to use one standard URL to establish SSL VPN connections, REGARDLESS of the ASA interface involved, here is what you do:A service policy can ...

aa · 06-13-2008

Thank you.The intention is not to use Cisco ACS.Do you have any other suggestions?

aa · 08-02-2007

Thanks for reply.So does that mean that SFP cables can be used to directly connect SFP ports on 2 different catalyst switches?I'm trying to avoid having to buy SFP modules, which then sticks out of the port and is probably more expensive also.Thanks ...

Member Since	‎01-26-2007 02:44 PM
Date Last Visited	‎04-21-2020 10:37 PM
Posts	30
Total Helpful Votes Received	15

User Statistics

User Activity

Redundant Design Question

Datacenter upstream connection

outgoing interface ACL

irksome cisco asa behaviour

split tunneling

Re: Datacenter upstream connection

Re: irksome cisco asa behaviour

Re: 2 interfaces 1 vpn profile

Re: Securid and Cisco Aironet

Re: SFP Interconnect Cable