Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello all, I need to propose a design to a customer that is demanding segregation of LAN traffic into compartments that contain several VLANs that are then policed by a firewall before traffic is permitted to enter/leave that compartment. VRFs seem t...
Hi,
I'm trying to design a DMZ and security architecture that will incorporate a distributed deployment of ISE.
Assuming that each network segment will have a PSN deployed locally within it, is there any way to configure an individual PSN to consul...
Hello all, I have configured an RSPAN monitoring session on a 2950 switch. I have configured a remote-span VLAN from the VTP server switch, and checked on my monitoring source switch (VTP client in the domain) that the VLAN shows up as a remote-span ...
Hello all,I have configured an RSPAN monitoring session on a 2950 switch. I have configured a remote-span VLAN from the VTP server switch, and checked on my monitoring source switch (VTP client in the domain) that the VLAN shows up as a remote-span V...
Thanks - As per the correct answer, location awareness via AD should give a predictable pattern to build an ACL on. For info's sake - the Microsoft registry hacks to turn a Windows server into an NTP server have worked pretty well for me.
OK, buried in one of the 2950 IOS release notes:RSPAN LimitationIn a Remote Switched Port Analyzer (RSPAN) session, if at least one Catalyst 2950 switch is used as anintermediate or destination switchand if traffic for a port is monitored in both dir...
Many thanks for replying Giuseppe - I have tried on 2950's running EI.What is of note, is that if I configure a new trunk, while runnign a constant ping against a target on the monitored source port, I get a single solitary Unicast packet through whe...
