Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello, I need to find a way around this issue.We have an ASA 5510 running 8.3 that we need to use to terminate a LAN to LAN IPSEC VPN.Problem is we only have one public address available so have had to configure the link between the ASA and the Inter...
Hi, a colleague tells me the new ASA range can support Active/Active failover where you can have both devices in a pair passing traffic through the same context.This seems quite a radical advancement so I just wanted to make sure this is correct befo...
Hello, I'm looking at implementing a new DMZ and wanted Netflow capability for security monitoring.The architectural principles I have to adhere to dictate that the switches within the DMZ are layer 2 however to get Netflow I need a minimum of a 3560...
Hello, I am in the process of implementing GLBP on a large Campus LAN.I understand the protocol uses multicast to communicate between peers.The Network topology is a standard three tier architecture and the GLBP implementation is to provide resilienc...
Hello, I'm trying to configure a LAN to LAN VPN with an 870 router. It's running 12.4 IOS with the correct 'k' feature set. First of all I configured the router to work on the DSL line without VPN - this worked fine. I then added the VPN configuratio...
Thanks Jennifer, I just needed to know that.We've scheduled some work now that will mean we can reclaim a /29 of public address space so will use this for the outside of the ASA.RegardsRob
Sorry I probably didn't explain very clearly.The Router is actually a L3 switch and quite an old one, I don't think NAT on the switch is an option here. We would struggle to get it through change control for starters.Can I NAT the public IP address ...
Hi Jennifer, thanks for the reply.The outside interface of the ASA is on a private address, this is because we only have one public address available.So what you're saying is we need to NAT the public IP address onto the outside interface IP address ...
Kind of, the traffic I'm interested in will pass through the 3KX module.I need to know if it will work without SVI's configured, the switch will just function purely at layer two?ThanksRob
