Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello Experts
I have core firewalls (two units) active/standby in transparent mode. Both firewalls are connected to two core Nexus 7k (in vpc) one-leg (off-path) in such as way that:
There is one port-channel say Po1 on Nexus with active firewall a...
Hello Experts
IPSEC vpn filter ACL are applied for inbound traffic or outbound traffic only?
Also if no vpn filter ACL configured, then outbound traffic is allowed as per inside ACL?
Also if vpn filter ACL configured ( (whose last statement is deny...
Hello Experts
I see lot of objects name start with "DM_INLINE_NETWORK_" in ASA configuration. What does it mean?
Sorry for my ignorance, I am new to ASA
Hello Experts
I was doing the cleanup on Cisco ASA version 9.8, I found below weird nat statement and objects. I really appreciate if someone can explain below and let me know if I can delete them safely?
object network obj_any
subnet 0.0.0.0 ...
Hello,I want to creat two virtual routers on my WAN router. One routing table is for LAN routes and other routing table is for WAN routes (ISP BGP routes). How can i accomplish this task and how both virtual routers (routing table) can communicate?On...
Yes. HA links are there. Nexus will learn the mac-addresses of servers from Po1 with primary firewall. Once I do the manual failover (using command not reboot or shutdown the firewall) then Po1 still up and I am expecting that Nexus mac-table will st...
Thanks. But how about below outbound traffic passing through vpn,
I have a flow inside(local) -> outside(remote), tunneled.I have the interface access-list (for example "inside_in") applied in interface "inside". But I also have a VPN-filter (whose...
Hi
I have a flow inside(local) -> outside(remote), tunneled.I have the interface access-list (for example "inside_in") applied in interface "inside". But I also have a VPN-filter (whose last statement is deny ip any any)
When I permit the flow inside...
