Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
This is kind of a general question about how CBAC works. If I have the following inspection on my outside (Internet-facing) interface:ip inspect name ASDF icmp router-trafficip inspect name ASDF tcp router-trafficip inspect name ASDF udp router-traf...
I am having an issue with asymmetric routing that I cannot get a handle on. I have an Internet VLAN with a PIX 525 and two Cisco 3825s. One 3825 connects to AT&T and one connects to Sprint, running eBGP externally on both and iBGP in between. Defa...
I'm seeing posts that hit all around my questions, and based on my intereptation of the documentation it appears that there is no "shell exec" authorization available to the PIX when configured to use a TACACS+ server for authentication. Is this tru...
I have a very similar issue in a slightly different scenario - I have an ASA 5510 running 7.2(2) that is configured for TACACS+ authentication. This works fine, but the backend server (Cisco SecureACS) authenticates any user in the ACS database and ...
Okay, again thanks for your comments.I think I isolated the intermittient web site access problem to CBAC inspection on my MLPPP interface. It appears that it wasn't necessarily anything to do with asymmetric routing. When I removed my "ip inspect"...
So, let me back up a step, do I need to specifically deprefer an ISP via AS_PATH prepending when advertising my LAN block?I know I will need to resolve my asymmetric problem first, but once that's fixed - I'm wondering why I can't just originate my r...