Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,Is it possible to establish PBR rules that set the ip next-hop to point directly to the inside interface of the ASA5550?Or, do I need to direct this PBR traffic first to a directly connected router interface and then default route to the ASA?At a ...
We have the following VPN topology working successfully:Redundant PIX520 Firewalls (IOS 5.2.1)VPN Client 1.1Crypto dynamic-map setting for Corporate VPN usersLocal IP address poolWe now want to provide authentication through the Secure ACS (2.6) NT 4...
Thanks Federico,I thought that was in fact the case - that it is possible to policy route directly to the ASA interface ip address, but wanted to confirm.Thanks again for your responses!Best regards.Rob
Hi Federico,Thanks for the reply!I know how to use PBR and I do realize that PBR is not supported ON the ASA.My question is can I use PBR to set an ip next-hop that points to the ASA inside interface?In my scenario above, I do not want to make a whol...
You can depending upon your network topology. We have recently completed a successful deployment of redundant 11503's with two GE interfaces, connected to Catalyst 6513's at the core. At the recommendation of our Cisco SE, we have architected a sim...
Hi John,Thanks for the reply. TAC was basically stumpted...they didn't have any clear-cut examples for configuring the ACS NT Server, other than what's already on CCO. I agree that it could be IOS related. Are you running a version later that 5.2(...
