Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello everyone, I've come across a strange issue with a VPN running between 2 2600 routers. This affects only one of the two routers.Basically, there is an intermittant failure of ISKMP negotiation. An ACL is filtering the 'outside' interface, though...
Hi all,This is a topic that has come up for discussion within our team a couple of times during the last few months. I wondered what other people's thoughts were on this subject - whether to use seperate physical hardware or VLANs for the creation an...
Hi,I have a reverse proxy which is performing SSL offload and making backend connections to two web servers. Between the reverse proxy and the two webservers, a CSS is in place to load balance between the web servers. There is a requirement for sessi...
Hi there,You are not alone, we've been experiencing exact same problem since April on CSS11503. We have a few of these and associated this with the upgrade to 8.20.4.2. These had also been stable for years beforehand. We have a TAC case and have enab...
Hi,I suspect, though can't confirm (I have no packet captures) that the CSS was initially supporting window scaling when the connection is spoofed client to CSS but that this was not being replicated on the backend. As such, the server was sending a ...
Hi folks,We are also seeing issues after upgrade to 8.20.4.02 with window scaling where clients are attempting to use window scaling and the servers do not support window scaling. With the new feature being enabled by default we also saw the TCP wind...
No, this is all in software. The VPN is very low throughput. I should also add that this is using VRF-aware IPSec, and the ACL is applied inbound on the front-door interface which is in the global routing table. Thanks!
