NOTE: I have done the same test setup with 4000 series routers, and routing works fine. I have successfully set up 3 SVI (Static Virtual Interface) tunnels with IPSEC between 2 9300X switches. - I can ping the tunnel IPs - I can ping each VLAN interface ...
I enabled ip dns server on a 4351 router, and now I am seeing a broadcast from the mac-address from every interface to the destination of 255.255.255.255(53). I see this in all the ACLs on all the other routers in my test setup. ip dns server I am seei...
REFERENCE: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-13/configuration_guide/sec/b_1713_sec_9300_cg/configuring_ipsec.html I can get IKEv1 working no problem, but I cannot get IKEv2 working at all. Configuration...
But when SSH is routed to the Tunnel Interface first, Loopback as source, then out the EXT interface, there is no ACL on the tunnel to go from Lan1 -to- Lan2. - I do not want SSH to LEAK out the EXT interface, I want it to route through the tunnel Lan1...
Hello MHM, UPDATE: I did set up the network on my desk and routing worked fine. I tried to simulate MTU values between 300-700 which occurs frequently with the (slow) satellite networks I work with, and I noticed that I can't even adjust the MTU on the...
Hello MHM, On the ACLs, I wanted only to permit the TUNNEL traffic from: - LOOPBACK -to- LOOPBACK - EXT-Interface -to- EXT-Interface This is what is in production right now and is working fine. INNER-VLAN traffic destined to the INNER-VLAN on the other sid...
Hello Adam, You do have a good point to try and remove the default route 0.0.0.0 0.0.0.0 and test it that way. - I really wanted the 9300X to work, but I am finding out that, just because you can configure it and the switch takes it, doesn't mean it wi...