I am not quite sure with RSPAN configuration on the Catalyst 4000 switch with CatOS. --E.g. Source switch………source port 1/1 - VLAN10, RSPAN VLAN 777, reflector port 3/1 set rspan source 1/1 777 reflector 3/1Destination switch…….destination por...
We have used Cisco7206VXR as a perimeter router. Main feature is address translation for a big private network. NAT overload (PAT) is used with a pool of 128 public addresses.The problem is a performance. When nat table contains about 20 000 session...
I have redundant PIX515E - UR+FO. I would need to test a special configuration for a short time. I have an idea to detach the standby pix with a failover licence, erase configuration and use it with a new configuration as a standalone box. After test...
I am using PIX515E with 6.3 as EZ-VPN server so users use a Cisco VPN client for inbound connection into a private network.At the same time inside users want to use a VPN client for outbound IPSec connection. The problem is when PAT is used for outbo...
You should extend your outbound ACL on a perimeter router:ip access-list extended XXXX…..bla…bla….and....deny ICMP any any TIME-EXCEEDEDpermit ip any any
You need to open:1. UDP protocol (protocol number of UDP is 17) PORT 500 for IKE/ISAKMP2. ESP protocol (PROTOCOL number of ESP is 50)--AH protocol (Authentication Header) with protocol number 51 should not be used so it is not necessary.
