Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
i, my Hardware:C1131X-8PLTEPWEIOS Version 17.15.3aI’m currently trying to map my classic ACLs into ZBF.That has worked fine so far, but I don’t understand the Self-Zone logic. Even if I activate the zone member to my wan interface:interface GigabitEt...
Hi,my deployment contains C9800-CL WLAN controller and a few C9120 WLAN AP's.Now I try to switch from WPA2 to WPA3 for our ios only Clients.All devices supports it and are brand new. I configured WPA3 Only mode, PMF: requiredFT + SAE and FT Enabled (...
Hi,I try to configure Route-Map to route Traffic to the local Internet Breakout (GigabitEthernet0/0/0).Hardware: ISR-4331iOS-Version: 17.06.05The Client IP "10.9.1.25" should have Internet access via the Route-Map...This do not work.On other old Rout...
Hi.We have 2 of "Firepower 1120" and 1 "Firepower Management Center (FMC)", all in Version "6.6.4".We like to Upgrade to newer Release.How is the update routine?First FMC?Then the FTD ?Can I go directly to 6.6.7 and then to 7.0.4 ?...Which intermedi...
Hello, we've CUCM and Cisco IMP on Version 11.5.1.12900-25. We are initially configure persistent chat rooms.External Database is connected on IMP with MS-SQL Server 2019.All fine there. But if I create any Rooms in Jabber Client, the room not appear...
Please read the documentation..https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/98628-zone-design-guide.html#toc-hId--728739031 Here it says exactly the way I described it.
No, it doesnt matter..If a class-map has only one match statement, it makes no difference whether you use match-all or match-any, because there’s nothing to combine with AND/OR logic.The difference only matters when you configure multiple match state...
I don’t think it’s because of the object-group.The rule for SSH and ICMP isn’t using an object-group anyway… And by “Match any” you mean for example:class-map type inspect match-any CM_SELF_INmatch access-group name ACL_SELF_IN ?? I thought that sinc...
I’m sorry, but I don’t quite understand. Can you give an example of what you mean by “object Network” where I should use “subnet” instead!? And “Match-all” is correct, isn’t it?Because only 1 match is entered on 1 ACL, right?
