Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Our vulnerability scan found that all 4948 and 3750 switches are having a vulnerability of "SSH Birthday attacks on 64-bit block ciphers (SWEET32)". However, the other models like 3650/3850/4500 are not having this vulnerability. Could anyone help me...
Hi AllI need help regarding setup of a new backup connection between my DCs. The link is terminated on edge routers in each DC, namely DC1-edge and DC2-edge. There is EIGRP (As 40) running between two edge routers. On DC-1, we have eBGP between DC1-c...
Hi All, I am very new to Cisc/ASA and maybe this question is very basic but I couldn't get it. We have a crypto-map configured with a client and have used an ACL to define the interesting traffic. There is no Tunnel interface attached to it. We only...
Hi, I have two BGPs configured on my core router. One is with P2P link to another location (site B). Other is with MPLS circuit which connects all other sites. Now, my routes from site B are being learnt from P2P bgp while of other sites from MPLS. T...
Hi, I am new to cisco and still learning my way around. My questions is we have BGP neighborship configured on Cisco 4500 switch and distribute-list is used. neighbor <IP> distribute-list 20 inneighbor <IP> distribute-list 21 out From what I learnt...
Hi Giuseppe, Thanks. I also tried the same but it didn't help. I had one more query if you could help. I was looking to fix weak key exchange algorithms on my switch. I could do it on 3650 switch with command ip ssh server algorithm kex diffie-hellma...
Hi @Giuseppe Larosa Thanks a lot for your reply. I wasn't aware of this command. Just to confirm, can I use the same method for redistribuiting eigrp into eigrp (another AS). Can you please also suggest something for this. >> Similary, on DC-1 core ...
Hi Rob, Thanks for your reply but, I am sorry as there is still a little confusion. I understand your point that since we have connection type as answer-only, it is client who has to initiate the traffic. But, my ACL allows from Source (internal-IP) ...
