Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all,I am testing Cisco ASA H-A with our ACI switches. i m using port channel on ASA + vPC on the ACI switches.I have two port channels1) data --> inside and outside with sub-interfaces as po1.114 and po1.115 for example2) failover --> po2 (g1/7 an...
Hi all respected members,We have some 2960G-48TC-L and C2960-24PC-L switches in our network. They are working perfectly but i was thinking to upgrade them with newer Cisco models. i need suggestions about that.Should we replace them or not. what is t...
Hi all respected members,
yesterday my sales personals were asking me that if we can deliver the internet on multiple sites using the ASA 5516-X in a active/standby model using bgp or L3VPN.
I have attached the picture what they really want.
I am not...
HI Respected members,
I am reading VACLs for my CCNP these days. The official book has some text that i didnt understand. please help me to understand these concepts.
Q1) The text says
"When a flow matches a deny ACL entry, it will be checked against...
Hi respected members,I need your suggestions to get the following features from WAF (Web Application Firewall). I have no idea about that.which solution will provide these features.1) Bruteforce attack detection.2)Wrong password and username detectio...
Thanks alot for your quick reply.
I am sorry for late response.
In this particular example
For example you have the following sequence:
access-list 100 deny ip any any
access-list 100 permit tcp host 1.1.1.1 any eq 80
1) Point nr 1:
What will be t...
Thankyou for your reply marvin. Cisco does ot make a WAF per se.???you mean cisco does not make a WAF (Web application firewall)if so than what do you suggest we should look for. i think than we need some other vendor for WAF. Item #3 is certainly de...
Hi Richard,
I am sorry for not so clear in my text.
Its SITE to SITE VPNs = 200 + in total.
As ISP we have the possibility to make a new internet connection for them and than use that connection for the termination of Site to Site VPNs.
But rememb...
HI karsten,
I think you mean, i need to put an ACL from inside to any or outside and allow the dns or other traffic
but there is a general rule that allows the ip allow from inside to outside for their internet.
Can you explain what exactly you by al...
