Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi everybody,I have this network in which in need segmentations in two different VLANs, one for the Administration and another for ACADEMIC pourpuse.Because the network is in production, I can only create the ACADEMIC VLAN (VLAN 20) and I have to lef...
Currently I've been working on the configuration of several IOS Zone-based Firewall (over ISR2801 with IOS 12..4(15)T12) and I've read about the features and limits of the Self-zone for the router outbound and inbound traffic. I really prefer use the...
Hi Yudong,thanks for the reply, when you said:"The traffic from internal to VPN client again will be forwarded to ISP2 link accordingly since after VPN client is connected, a static route will be added automatically in the routing table which points ...
hi Fabio, I think i solve it (or for my case it works). It is possible to use the inspect action on a policy for the Self-Zone, but you have to keep in mind this:when you use this kind of config: class-map type inspect match-any out-self-cmap ...
hi diego, the link between the HQ router and Branch routers is provided by an ISP through FrameRelay connection for some Branch offices and MPLS for others. So, the ISP give me Invalid IPs for the WAN links (i.e: 10.50.70.0/30 or 10.50.70.40/30). Som...
hi diego, thanks for your cooperation. I have a question about when you said "Yo can use this policyclass-map type inspect match-any ExampleCMmatch protocol sshmatch protocol httpsexitpolicy-map type inspect ExamplePM-TESTclass type inspect ExampleCM...
