Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi Everyone,I have a 3560G connected to an ASA FW, both running layer 3 and hosting 6 or so VLANs. The switch is the default gateway for all VLANs (client request) and therefore see's all networks as connected. I used route maps to push the traffic f...
Hi Everyone,I have a Cisco L3 switch that I have configured route maps on to amend the next hop to be a firewall. The destination network for the traffic is also connected to the switch (therefore directly connected network), but my issue is this.If ...
Hi Everyone,I am very new to working with these devices but am looking for some help in getting the AIP-SSM10 to scan FTP traffic that passes the FW. I have generated the traffic (FTP) and it has been successful, but it doesnt seem to go via the IDS ...
Hi Everyone,I have a 3560G and an ASA FW, for which I am trying to use PBR to append the next hop. The gateway is the switch VLAN address and the amended net hop is the same VLAN interface on the ASA. Trouble is, I can ping the FW from a client, but ...
Hi Everyone,I have a 3560G with 3 VLANs connected to a Cisco ASA with the same VLANs. I want to have the switch interface for each VLAN as the default gateway for clients and then forward this traffic to the ASA for firewalling. Problem is, due to th...
you shouldnt really use VLAN1 as its used by things like CDP and therefore if it gets compromised, so do the hosts on it. Better to change the default VLAN to something else and not use VLAN 1 for any hosts/servers.Dan
thanks Edison.Im trying to find a workaround for my previous question, but the route map statement isnt supported on 3560G. Any ideas on how I could get around this?Dan
Hi Dan.No, even when I only have one verify entry per map it still doesnt work, its only when I remove the verify and replace with set ip next-hop that it works. Cisco have screwed us in the fact they support verify-availability, but not at an inter...
