Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
After upgrade to IOS 15.2(4), VSA module in 7206VXR (NPE-G2) is disabled and we cannot enable it. Show diag output:------------------ show diag ------------------Slot 0:VSA IPsec Card Port adapterPort adapter is deactivated Port adapter insertion tim...
Hello,We want to filter IPv6 extension headers on FWSM (4.1.x) and we discovered that filtering does not works at all. For example to filter destination options we used the following IPv6 ACE:ipv6 access-list OUTSIDE6_IN deny 60 any anyThen packets a...
Hi guys,Is there a simple way to migrate shared dACL to group/user mappings from ACS 4 to ACS 5? After migration using the Migration tool provided by Cisco I get shared dACLs and also I get all my users/groups transfered but these shared dACLs are no...
Hello,I have a problem trying to export logs to the Cisco ACS View from my ACS 4.2In the document http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_view/4.0/user/guide/appendixA.html Cisco states that one of the mandatory at...
On Gaia you need to specify RBA roles for different types of privileges. For example, if you want that the user automatically lands into full admin access then configure the following:
add rba role TACP-0 domain-type System readwrite-features tacacs_...
My intention was not to block ICMP, what I need is blocking all packets containing IPv6 destination option in extension header. Sent from Cisco Technical Support iPhone App
Jenifer,ACL is assigned to the interface... Other ACEs are being matched so ACL works but it does not match extension headers correctly:ipv6 access-list OUTSIDE6_IN line 1 deny 60 any any log debugging interval 300 (hitcnt=0) 0xbb24b0a2 ipv6 access-...
