Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,I am integrating a remote site in to our enterprise network, which involves removing an existing firewall and replacing it with a Cisco ISR DMVPN router.At most sites, I've been using a fairly basic IOS firewall configuration, but this site has...
Hello,I'm trying to setup Certificate authentication for my DMVPN using one of my hub routers as the IOS CA.Is it possible for the Hub/CA router to generate/issue itself a cert for authentication? The router is rejecting the enroll command, saying t...
Hello,I have a remote 2600 with a BRI that I am trying to get working with a central 2600 with a PRI. All of my other locations with ISDN dial are working.When the router connects, some of the LCP messages get through while others timeout. I though...
Does anyone know if the flow timeouts apply to traffic that is just routed through the CSS?I have some port 80 traffic that I suspect might be getting interrupted by the flow timeout. This traffic does not terminate on the CSS itself, it is simply r...
I've run into an issue with a new scripted keepalive. I've created the script and copied it to a CSS11000. I can run the script manually and it works as expected, however when I add it to a service, it is not run. After the service is activated, t...
Are you running WCCP w/GRE Return in your environment? We just tried to go from 4.1.1c to 4.1.3 Sunday evening, and had significant problems. The remote WAE's went offline to the CM, and no TCP connections between sites were working. Based on our ...
You could use a source-group configuration on the CSS to NAT the clients' IP addresses to a CSS address. This would force the return traffic back through the CSS. This is typically used in a one-armed situation.
That sounds very similar to the Apache v-hosting issues I've run into in the past. I'm not an Apache admin, but my understanding is that the web server is setup in such a way that it expects to see request headers containing the URL for the site. I...
I'd recommend against a "get" keepalive unless you need to fail the server in the event that the content changes.If you do a keepalive method "head" (which is default with "keepalive type http" set), the CSS will just look for a "200 ok" message from...
