I have been told to block all IPs outside of the United States to a particular server on the inside interface. My plan is to make an allow ACL for an object-group that contains the network0objects for ALL of the subnets currently registered to the U...
I'm trying to connect to two servers each with a pair of gig bonded NICs. I have set up two port channels, 14 and 15 - switchport mode access for VLAN 14.
I assign 2 gig interfaces each to the port channels. When I do a show run, the 'switchport ...
Gi1/0/1 - 1/0/6 and Gi2/0/1 - 2/0/6 are access interfaces and connected to 6 ESA hosts' management interfaces set to active/active HA. 1/0/2 and 2/0/1 are constantly flapping.
STP shows all 12 interfaces Desg FWD Cost:4 as expected.
The ESA's ...
I successfully ran the Anyconnect VPN Wizard.
During testing I browsed into the Web Launch to download the Anyconnect .msi and successfully installed it.
I can connect to the ASAv with Anyconnect, but now if anyone tries to browse to the ASA Web LA...
Gentlepeople,
I have a customer hammering my links with Microsoft backups/syncs/etc and I wanted to bias them out a mostly unused 500M connection we have. I built this to bump the local preference from 500 which three of my peers share. My target ...
Oh hell yes it does keep them in memory. I've cut my Access Rule to two servers and three services and still have 386K elements. Is there any way to get these on the CF card?
show access-list | i elementsaccess-list 100; 8 elements; name hash: 0x...
After adding 65,000+ (I was incorrect in the title) network objects and put them in a Network Object Group, the used memory only went up a few Meg. I also made a Network Object Group of the 8 Server's IPs. I then made one Access Rule with with the ...
Bogdan,
I am reasonably confident in the hardware handling the list, but my concerns are using 65,000 network-objects in an allow ACL would crush new inbound sessions trying to connect to that server. Even if I moved that server's ACLs to the botto...