Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have updated FMC to version 7.6.2. I’m wondering, since my FTD is currently running version 7.4.2.2 — should I first upgrade the FTD to 7.6.2 and then patch FMC to 7.6.2.1?Or, can I patch FMC to 7.6.2.1 right away and then upgrade the FTD to 7.6.2 ...
I need to configure the switches so that every movement, without exception, is treated as best-effort. I have no implementation experience in QoS, so I have prepared this configuration and am wondering if it will be sufficient.switch(config)#qos basi...
I need to configure Hairpin NAT so that I can access the server (203.0.113.2) from the VM (10.10.10.10) via a public IP address. To do this, I first create NAT (1) from INSIDE to OUTSIDE, and then NAT (2) from OUTSIDE to DMZ.However, I am wondering h...
I need to remove my FTDs from FMC, but I can't do that because they are in HA. I also can't break HA because the devices are not reachable (CISCO!!!).I heard that you can remove FTD from FMC CLI, but I can't find the procedure anywhere.If I reimage m...
I am having trouble configuring the C1300 and Dell 6224 switch.On the Dell side, I received the following configuration:The assumption is that traffic in VLAN150 is tagged, and I have no problem with that. The problem is with VLAN1, which is supposed...
If you really want to insure a frame passed "upstream" has a zero CoS value, since you're using a trunk, which implicitly has a L2 CoS value, we might be able to force the CoS to a zero value upon egress.Like I said, I have access ports to upstream s...
The host/PC will be connected to the access port. I don't know if that solves the problem. In any case, the host may try to modify its frames, and I want to protect myself against such a scenario.If the port is in access mode, the switch should remov...
The PC is connected to c1300 in access 333. C1300 is plugged into C9k access 333. From C3k, the traffic goes through a trunk to the firewall where the PC's default gateway is located. Therefore, traffic from the PC to the FW will go through L2.I mana...
If you would like to help me solve my problem, i.e. resetting the CoS and DSCP tags that come in on the processor, I would gladly accept your help.I am also going to test this iperf3 myself, so I will also provide an update when I solve this problem.
Okay, that makes sense to me.Do you think I should have the "no qos trust command" on the interface (visible in the first message)? Perhaps I need to explicitly create a trust on the interface and additionally set it to 0?What do you think?
