Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,We have a situation, where on a 2 x N5K environment it is necessary for a VPC VLAN to be terminated on down stream routers via HSRP. The routers themselves are single armed to each Nexus, so are orphan ports.The design constraints are forced on...
Hello,Is the L3 daughter card required for connected inter-vlan routing and static routing? Or is it only for dynamic routing?If I have the base license but not the L3 daughter card, am I still able to create L3 SVIs?Forgive my ignorance as I am tryi...
Hello all,I am redistributing static routes to BGP by using "redistribute static route-map". Recently I added a new static route to the access-list used in the route-map. I had to do "clear ip bgp * " to load the new static route into the BGP topolog...
I have a OSPF problem where I can see the LSA's in the OSPF database, but they are not installed to the routing table.
My setup:
[router MelbPOP]-----area 0 [192.168.8.0/30]----------[FW]--------area 1[192.168.8.4/30]---------[router SydPOP]
...
Thanks every one for your replies. Madhu hit the nail here. Well I submitted a case with TAC, and was told it will be supported, because it is not explicitly defined anywhere in documentation the topology is not supported.
Unfortunately as each router is connected to each N5K via a single link only, there is no way for packets ending up on the secondary N5K to hit the primary ASR (which has HSRP Active) without crossing the peer-link :(.
I believe PAN FW uses application signatures to match traffic, not just a FQDN check. Ex: If you have port 80 opened from inside to outside (this is usual for web browsing), it is possible for a inside user to connect to an external server on port 80...
I've worked with ASAs, Juniper SRX's and SSGs extensively. And now also Palo Alto's.In summary Palo Alto blows everything away, and ASA is the worse of the lot.Palo Alto is a next generation firewall so can do policies such as source ip/port to desti...
